Devilx86

**Name of the Vulnerable Software and Affected Versions** Friendica version 2024.03 **Description** The issue is related to Cross Site Scripting (XSS) in the settings/profile section via the `homepage`, `xmpp`, and `matrix` parameters. This allows for potential malicious script execution. **Recommendations** For Friendica version 2024.03, as a temporary workaround, consider restricting access to the settings/profile section until a patch is available. Avoid using the `homepage`, `xmpp`, and `matrix` parameters in the affected settings/profile section until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.