UNIX developers HBX Networks have stumbled upon a bug within Googles Gmail that allows access to other users personal e-mails.
By altering the “From” address field of an e-mail sent to the service, hackers could potentially find out a users personal information, including passwords.
At first glance, to the average user the e-mail would appear normal. But by clicking “show options” within the Gmail interface, the “Reply-To” field will show HTML code that is actually a formatted version of another users e-mail, HBX wrote on its Web site.
HBX said that they think a missing character is tripping up Gmail and causing it to print whatever is in its cache, or memory, into the Reply-To field.
The group did say much of what they saw was spam. However, what troubled them was in at least one case they were able to see a users password.