Transport Layer Security (TLS) provides secure communication between systems
over the internet by encrypting the data sent between them. In this process,
the role of hostname validation, combined with certificate validation, is to
ensure that a system is indeed the one it claims to be, adding an extra layer
of trust and security.

When hostname validation is disabled, the client skips this critical check.
This creates an opportunity for attackers to pose as a trusted entity and
intercept, manipulate, or steal the data being transmitted.

To do so, an attacker would obtain a valid certificate
authenticating `example.com`, serve it using a different hostname, and
the application code would still accept it.