A change made months ago in an open-source JavaScript library introduced a cross-site scripting (XSS) vulnerability in Google Search.
The Japanese security researcher Masato Kinugawa discovered an XSS vulnerability in Google Search that was introduced with a change made months ago in an open-source JavaScript library.
The library is named Closure and according to the expert it fails to properly sanitize user input.