Levent Kayan, a security consultant based in Berlin posted early last week about a vulnerability affecting Skype.

Levent describes the effect of the vulnerability as,

“An attacker could trivially hijack session IDs of remote users and leverage the vulnerability to increase the attack vector to the underlying software and operating system of the victim.”

You can read the release at http://www.noptrix.net/advisories/skype_xss.txt or check out an article at computerworld.com containing more information.