@dheadshot the conclusion says that "Mastodon was not vulnerable to this particular attack" and that it only applied to a fork of Mastodon. Plus, Mastodon did a security release anyway that, when applied to that fork, prevented the attack. Hometown is already up to date with that security patch so we are all good to go