Cross-site Scripting (XSS)

github.com/koding/koding is vulnerable to cross-site scripting XSS attacks. The vulnerability exists because fileitem.coffee allow injection of arbitrary value into path in filetree...