According to ZDNet, vulnerability within Gmail could allow hackers full access to Gmail accounts giving them the ability to steal contacts and incoming emails.
Security researcher Chris Gatford noted that “attackers could compromise a Gmail account–using a cross-site scripting vulnerability–if the victim is logged in and clicks on a malicious link. From that moment, the attacker can take over the session cookies for Gmail and subsequently forward all the account’s messages to a POP account.”
This problem is made worse due to Google’s 2 year holding time for cookies. A hacker who manages to steal a users’ cookie would essentially have 2 years worth of access to the users account.
It is most likely that Google is aware of the problem and in the process of repairing it, however, as long as the issue is in place this could be potentially damaging to Gmail users.