The vulnerability was first reported on Tuesday by the Google security blog, which reported the vulnerability to Google and said the vulnerability could allow an attacker to steal passwords, the exact nature of which was not clear.
The bug, described as “sophisticated and potentially very serious,” affected users who were not authenticated as a Google employee, the blog reported.
Google acknowledged the vulnerability on Wednesday and said it was working with the database company to fix it.
The vulnerability is likely to be exploited by a malicious person or group, Google said.
Google has not confirmed that it was the company responsible for the bug.
Google has said that it will “continue to monitor” and update its PSS security model.
“The Google PSS team is currently investigating a number of potential issues that have been reported to us in relation to this issue,” the company said in a statement.
“We are working with our PSS partner to address the issues.
We have made no further changes to our Pss platform at this time.”