Apache · Apache Answer · CVE-2024-40761
**Name of the Vulnerable Software and Affected Versions**
Apache Answer versions through 1.3.5
**Description**
The issue is classed as inadequate encryption strength: the MD5 hash of a user's email address is used to access Gravatar, which can leak the user's email address. The official recommendation is to use SHA256 instead.
**Recommendations**
Upgrade to version 1.4.0, which fixes the issue. As a temporary workaround, consider using SHA256 instead of MD5 for accessing Gravatar to minimize the risk of exploitation.
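The SHA256 workaround, as an added example that is not Apache Answer's own code: it builds the Gravatar URL from the SHA-256 of the normalized email and classifies stored avatar URLs so that remaining MD5-based ones can be found and regenerated. The function names and the sample address are hypothetical; the endpoint and the trim-and-lowercase normalization follow Gravatar's public documentation.

```go
package main

import (
	"crypto/md5"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"regexp"
	"strings"
)

// gravatarBase is Gravatar's public avatar endpoint.
const gravatarBase = "https://www.gravatar.com/avatar/"

// normalizeEmail trims whitespace and lowercases, as Gravatar expects before hashing.
func normalizeEmail(email string) string {
	return strings.ToLower(strings.TrimSpace(email))
}

// LegacyGravatarURL illustrates the weak MD5 form the advisory describes (kept only for comparison).
func LegacyGravatarURL(email string) string {
	sum := md5.Sum([]byte(normalizeEmail(email)))
	return gravatarBase + hex.EncodeToString(sum[:])
}

// GravatarURL is the recommended form: SHA-256 of the normalized email.
func GravatarURL(email string) string {
	sum := sha256.Sum256([]byte(normalizeEmail(email)))
	return gravatarBase + hex.EncodeToString(sum[:])
}

var hashRe = regexp.MustCompile(`/avatar/([0-9a-f]+)`)

// HashKind classifies an avatar URL by hash length: 32 hex chars is MD5, 64 is SHA-256.
func HashKind(url string) string {
	m := hashRe.FindStringSubmatch(strings.ToLower(url))
	if m == nil {
		return "none"
	}
	if kind, ok := map[int]string{32: "md5", 64: "sha256"}[len(m[1])]; ok {
		return kind
	}
	return "unknown"
}

func main() { // a@example.org is a constructed sample address
	for _, u := range []string{LegacyGravatarURL("a@example.org"), GravatarURL("a@example.org")} {
		fmt.Println(HashKind(u), u)
	}
}
```

Running `HashKind` over stored or cached avatar URLs after the upgrade shows which entries still carry an MD5 hash.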