Get the Whitepaper called Exploitation of “Self-Only” Cross Site Scripting in Google Code. The author discusses how leveraging the use of clickjacking has enabled them to properly exploit a priorly non-exploitable cross site scripting issue in Google Code.
You can download it from the following link: https://packetstormsecurity.com/files/download/99580/googlexss-exploitation.pdf
Source: https://packetstormsecurity.com/files/99580/Exploitation-Of-Self-Only-XSS-In-Google-Code.html