Hundreds of thousand websites host vulnerable Adobe Flash files which can be exploited by malicious people to conduct convincing phishing and XSS attacks. In most cases, cookie hijacking is possible.
Unsuspecting users can be redirected from trustworthy SSL and non-SSL sites to malware, adware and spyware sites. Read the full story [xssed.com]