What are the risks of letting users upload and run Javascript

Question

If you have say an HTML5 games arcade, that allows users to upload a script that runs a game with HTML5 and Javascript, assuming you have no filters on their input (apart fr

Answer 1

Check the links below which i found helpful for understanding the possibilities.

http://ejohn.org/blog/javascript-based-injection-attacks/

http://google-caja.googlecode.com/svn/changes/mikesamuel/string-interpolation-29-Jan-2008/trunk/src/js/com/google/caja/interp/index.html