So could this be characterized as a Gravatar security hole rather than a Disqus one? Are other services using Gravatar vulnerable to a similar attack?