However this will ONLY affect website owners who use DoubleClick as a stand alone service to display adverts. It does not affect website owners who use Google AdSense to display adverts and have enabled the additional options to also use DoubleClick as a method of advertising in the allowed advertisers section of your Google AdSense settings page.
The email reads:
We’ve identified certain vendor files that may contain XSS vulnerabilities which could pose a security risk. Please check if you are hosting these files and remove them with the help of your webmaster. These are the currently identified third-party vendor files:
We have disabled these vendors where possible for all DoubleClick for Publishers and DoubleClick Ad Exchange customers. However, any of the mentioned files hosted on your site may still pose a risk and should be taken down. We will notify you as we learn more.
For more information please refer to this Help Center article.
The DoubleClick for Publishers and DoubleClick Ad Exchange Teams