MS Passport hijack
An explicit account hijacking exploit against Microsoft's Hotmail was published at Eye on Security, which can be easily adapted for other Web Applications and Web Mail packages, which make use of HTML, JavaScript and Cookie technology.
The given exploit is basically a cross-scripting attack, that fools the Microsoft system into sending the user's session cookie to the attacker. To trigger this, the user only needs to click on a presumably trusting link (e.g. in an email message) and he/she will be sending his/her credentials to the attacker's server. Click here to go read the article at www.m0ss.com .