double encode any text that is destined for meta fields.

boot.php

@@ -12,7 +12,7 @@ require_once('library/Mobile_Detect/Mobile_Detect.php');
 require_once('include/features.php');
 
 define ( 'FRIENDICA_PLATFORM',     'Friendica');
-define ( 'FRIENDICA_VERSION',      '3.1.1627' );
+define ( 'FRIENDICA_VERSION',      '3.1.1643' );
 define ( 'DFRN_PROTOCOL_VERSION',  '2.23'    );
 define ( 'DB_UPDATE_VERSION',      1163      );
 define ( 'EOL',                    "<br />\r\n"     );

mod/display.php

@@ -172,6 +172,9 @@ function display_content(&$a, $update = 0) {
 		$description = trim(html2plain(bbcode($r[0]["body"], false, false), 0, true));
 		$title = trim(html2plain(bbcode($r[0]["title"], false, false), 0, true));
 
+		$description = htmlspecialchars($description, ENT_COMPAT, 'UTF-8', true); // allow double encoding here
+		$title = htmlspecialchars($title, ENT_COMPAT, 'UTF-8', true); // allow double encoding here
+
 		if ($title == "")
 			$title = $r[0]["author-name"];