Just in from eWeek… Hopefully this will be addressed in short order.
UNIX developers HBX Networks have stumbled upon a bug within Google’s Gmail that allows access to other users’ personal e-mails.
By altering the “From” address field of an e-mail sent to the service, hackers could potentially find out a user’s personal information, including passwords.
At first glance, to the average user the e-mail would appear normal. But by clicking “show options” within the Gmail interface, the “Reply-To” field will show HTML code that is actually a formatted version of another user’s e-mail, HBX wrote on its Web site. [eWeek]