A 6 year old vulnerability has been discovered in multiple browsers,
allowing malicious people to spoof the content of websites.
The problem is that the browsers don't check if a target frame belongs
to a website containing a malicious link, which therefore doesn't prevent
one browser window from loading content in a named frame in another window.
Successful exploitation allows a malicious website to load arbitrary content
in an arbitrary frame in another browser window owned by e.g. a trusted site.