Within just a few minutes of normal surfing I found a really good example of information leakage that could prove to be a serious issue in the future. If you happen to use maps.yahoo.com try this (I really suggest their beta site if you haven’t already tried it, it kicks Google’s maps’ ass). But anyway:
Using some XSS tricks it would be fairly easy to steal this information assuming something else on that site were XSS-able. Not that this particular application is vulnerable, but I think it shows what is possible. This will become a bigger and bigger deal with time. Mark my words!