Yet another way to use XSS for exploits.

http://labs.neohapsis.com/2012/04/25/abusing-password-managers-with-xss/