## Background

For applications that enable the Google API tamings (they are not enabled by
default), the taming of the `google.load` function did not sanitize its
arguments sufficiently.

## Impact and Advice

The vulnerability allows guest code to invoke, with no arguments, arbitrary
functions on the host page that are reachable as properties of the global
object. The exact impact depends on the contents of the host page; for more
information read about “reverse clickjacking” at
https://plus.google.com/u/0/+AleksandrDobkin-Google/posts/JMwA7Y3RYzV.
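To make the impact concrete, the following is an added illustration of the vulnerability class (it is not Caja's code and does not reproduce the actual `google.load` taming, which the advisory does not show). The host-page global object, the `deleteAccount` function on it, the allowlist of module names and the `settings.callback` handling are all constructed for this example. It contrasts a taming that uses a guest-supplied string as a property name on the host global and calls whatever it finds, against one that validates the module name and never resolves anything by name on the host.

```javascript
// Added illustration (not Caja's code): a guest-facing "taming" of a host loader.
// Everything below, including the host-page globals, is constructed for this example.

// Stand-in for the host page's global object (window) with a sensitive function on it.
const hostGlobal = {
  accountDeleted: false,
  deleteAccount: function () { this.accountDeleted = true; return 'deleted'; },
  loadedModules: [],
};

// Modules the host is willing to let the guest load (assumed list).
const ALLOWED_MODULES = new Set(['maps', 'visualization', 'feeds']);

// Vulnerable pattern: the taming trusts the guest's string, uses it as a property
// name on the host global, and calls whatever it finds with no arguments. A guest can
// therefore invoke any function reachable as a property of the global object.
function vulnerableLoad(moduleName, settings) {
  hostGlobal.loadedModules.push(moduleName);
  const cb = settings && settings.callback;
  if (typeof cb === 'string') {
    const fn = hostGlobal[cb];           // guest-chosen property of the host global
    if (typeof fn === 'function') {
      return fn.call(hostGlobal);        // arbitrary host function, no arguments
    }
  }
  return undefined;
}

// A plain-object allowlist is not enough either: inherited properties such as
// "constructor" or "toString" make the lookup truthy for names that were never listed.
const naiveAllowlist = { maps: true, visualization: true, feeds: true };
function isAllowedNaive(name) {
  return !!naiveAllowlist[name];
}

// Correct check: exact membership in a Set (or an own-property check), no prototype walk.
function isAllowedModule(name) {
  return typeof name === 'string' && ALLOWED_MODULES.has(name);
}

// Hardened pattern: validate the module name against the allowlist and accept the
// callback only as a function value the guest already holds, so nothing is ever
// looked up by name on the host global. (In a real Caja deployment the guest's
// function would additionally cross the taming membrane; that wrapping is omitted.)
function hardenedLoad(moduleName, settings) {
  if (!isAllowedModule(moduleName)) {
    throw new TypeError('google.load: unknown module ' + String(moduleName));
  }
  const cb = settings && settings.callback;
  if (cb !== undefined && typeof cb !== 'function') {
    throw new TypeError('google.load: callback must be a function');
  }
  hostGlobal.loadedModules.push(moduleName);
  return cb ? cb() : undefined;
}

// Small helper so callers can check that a call is rejected.
function throws(fn) {
  try { fn(); return false; } catch (e) { return true; }
}
```

With the vulnerable taming, a guest calling `vulnerableLoad('maps', { callback: 'deleteAccount' })` runs the host's `deleteAccount` even though the guest never held a reference to it; with the hardened one the same call is rejected, as is any module name outside the allowlist, including prototype names such as `constructor`.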

All Caja deployments that load `google.load.loaderFactory.js` should upgrade
to Caja v6010 (https://github.com/google/caja/releases/tag/v6010) or later.

If upgrading is a problem, it is also feasible to apply the patch linked
below directly, but we do not recommend running old versions of Caja any
longer than necessary.

## More Information

The patch for the vulnerability may be found at:

  * https://codereview.appspot.com/296060043/
