Multiple cross site scripting vulnerabilities were identified in Google Docs. A remote attacker could write a malformed document and invite, through Google Docs sharing option, other users to see it in order to obtain their cookies.
54d590b34d9f2995c50a89fd510a286b3611e3649d2f739f89b855fc616475e0