Help Center Live contains a flaw that may allow an attacker to execute arbitrary commands with elevated privileges. The issue is due to the application running user-supplied commands under the trust relationship between the server hosting the application and another machine. By embedding commands or URLs in an IMG tag, a user clicking on it may execute the command or establish a connection with a higher trust relationship than intended.
Currently, there are no known workarounds or upgrades to correct this issue. However, Michael Bird has released a patch to address this vulnerability.