Proof of Concept (POC)
For this article, I will be using Dropbox, a popular file storage site, as an example.
Protective Measures (Edit)
[Thanks to Gorgio for highlighting this]
To protect against such implementations of iframes, you may change the default settings under “NoScript Options|Embedded” and check the relevant “Forbid …” options.
If you have any insights into this, your findings and views are greatly welcome! 🙂
Note: The vulnerability and the versions of Firefox and NoScript used are the most up-to-date as of the time of this article (25/02/2012).