nostr:npub108pv4cg5ag52nq082kd5leu9ffrn2gdg6g4xdwatn73y36uzplmq9uyev6 nostr:npub12haw8lqt6g57r8zk9vc7w32cezuu2d5tcqpsarquntgfl5n0wrjq8nxxk6 >Pleroma is full of security vulnerabilities because OnlyFans paid people on Upwork to implement a bunch of features nobody wants.

Also there's nobody auditing it. As jank as Mastodon is, they have processes for dealing with this too and a bug bounty.

https://arstechnica.com/security/2023/07/mastodon-fixes-critical-tootroot-vulnerability-allowing-node-hijacking/

https://docs.joinmastodon.org/dev/disclosure/