Cross Site Scripting vulnerabilities exist in the e-mail web services of hotmail.com, yahoo.com, and excite.com. These problems allow for cookie capturing of unsuspecting victims who may easily give up their cookies via clicking on a link in an e-mail or elsewhere and with the link actually pointing to the legitimate site.
0e1d0d54940384d01ff7c3049f87a8a7e2540acdafd2a17cb783e60afe5122f5
Lycos.com, the popular search engine and free e-mail site, has a Cross Site Scripting vulnerability that allows an attacker to fool a victim into clicking on a link to Lycos and in turn the attacker can hijack the Cookies of the victim.
d1802d7585d53ad58b69f79cc631f0470c55c28d1e28dc48ff19554a808c7ebb