You have more web vulnerabilities by the way. Although I guess the attack vector is partially localized to logged in users.
I'm able to store a persistent Cross Site Request Forgery on the signature.
If you open firebug, and view my forum post. Notice an errant GET request is being sent to evil.com with the query parameters of foo=bar.