Account Manipulation
github.com/navidrome/navidrome is vulnerable to Account Manipulation. The vulnerability is due to the insecure usage of the MD5 hashing algorithm to generate Gravatar URLs, which allows attackers to change another user's information under a controlled email address...