Well, not exposed in detail, but rather announced. An Israeli publication, Nana Net Life, broke the news that a simple XSS exploit can be used to gain access to your GMail account. The exploit was not explained specifically but in the most general terms, it seems that a hacker hijacks your GMail cookie when you follow a special link that has been setup to grab your cookie. Once your cookie is captured, a hacker then has access to your GMail account and changing your password has no effect. Workarounds? I think that not checking the autologin for 2 weeks button will safeguard your account.

Update: The exploit involves a XSS exploit. You can read more about XSS exploits here via Whovian commenting on a Slashdot article regarding the bug.

Google is reported to be working resolve the security bug as quickly as possible.