Vansh sharma discovered a vulnerability in GOOGLE CONNECT

Security researcher the leader Vansh & Vaibhuv and their Tem GOH (God Of hackers )discovered a vulnerability in GOOGLE CONNECT


PROOF OF CONCEPT:
1. Just go to http://www.google.com/friendconnect
2. signin in your account then click on NEWSLETTERS
3. Then in the text box there will be options like B (bold), I (italic),
Link
4. click on Edit HTML and enter this script
<iframe src="javascript:alert('XSS');"
></iframe>

and click on preview.