Hacker Read

simonw | karma 58201 | avg karma 7.31 · 2016-05-04 22:14:18+00:00

This article is incorrect about this being a vector for executing JavaScript (the same origin policy prevents that), but the phishing potential from redirecting the opener page to a fake URL is definitely cause for concern.