Cross-site Scripting (XSS)

github.com/fabiolb/fabio is vulnerable to cross-site scripting XSS attacks. The vulnerability exists as the value of path and val in admin/ui/manual.go are not sanitized and can be used to inject arbitary Javascript into a victim's browser...