Google Patches Vulnerabilities in Caja Tool
Google has patched several vulnerabilities in Caja that could have been exploited for cross-site scripting (XSS) attacks on the Google Docs and Developers domains.
Read more: Google Patches Vulnerabilities in Caja Tool
Story added 5. July 2016, content source with full text you can find at link above.