Qdming

**Name of the Vulnerable Software and Affected Versions** funboot version 1.1 **Description** The issue is related to Cross Site Scripting (XSS) via the `title` field in the "create a message" endpoint. This allows for potential malicious script injection. **Recommendations** For funboot version 1.1, as a temporary workaround, consider restricting input for the `title` field in the "create a message" endpoint until a patch is available.