mr_mischief (456295) writes "The Register reports that a vulnerability allowed exploiting Google Docs to access information stored in users' GMail accounts. The bug is said to be fixed now. It was possible using proof-of-concept code to grab Gmail contact lists as witnessed by the reporters. The developer of the PoC says he could just as easily grab actual email messages or other user data on Google's servers until the hole was closed."
Link to Original Source