Google’s noteworthy antispam engineer Matt Cutts discussed the issue of cross-site scripting (XSS) flaws, as vulnerable sites have infected pages popping up in the dominant search engine’s results pages.