on Nostr: silverpill I think so, after fetching an actor it performs webfinger lookup on the ...
silverpill (npub1df0…7gmw) I think so, after fetching an actor it performs webfinger lookup on the same domain, but due to faulty webfinger pipeline rewrite it accepted any arbitrary domain in response. I recall Mastodon had a similar vulnerability.