Here's a clearer example: [google.com...] Previous examples gave JS syntax errors; this example shows that you can play with the user's Google cookie.
This isn't the easiest bug to exploit. First, [google.com...] doesn't have logins, so you can't do things "as the user" other than change his preferences. Second, it requires the Google user to click one of the tabs at the top of the page after following your malicious link.
Btw, that URL works in both IE and Mozilla Firebird.