If you allow img src, a malicious user could have a link like <img src="http://example.com/acs-admin/grant-sitewide-admin?user_id=X"> in a forum post or comment, which, when someone with sitewide admin visited the post, would automatically grant user X admin.
I would say that is a security hole.
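
An added example, not part of the original post and not code from the project: a server-side guard for a state-changing admin action that refuses the request an embedded image would generate. The function names, the session ids and the form field `csrf_token` are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Per-deployment secret; generated here only so the example runs stand-alone.
SERVER_KEY = secrets.token_bytes(32)


def csrf_token(session_id):
    """Token bound to one session; the site embeds it in forms it renders itself."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def authorize_state_change(method, session_id, is_admin, form):
    """Decide whether a privilege-changing request may proceed.

    Returns (allowed, reason). An <img> fetch is a GET that carries the
    viewer's cookies but no form body, so it fails the method check and
    could never supply the token.
    """
    if not is_admin:
        return (False, "caller is not an admin")
    if method != "POST":
        return (False, "state change requires POST")
    supplied = str(form.get("csrf_token", ""))
    expected = csrf_token(session_id)
    # Constant-time comparison on bytes; handles non-ASCII input safely.
    if not hmac.compare_digest(supplied.encode(), expected.encode()):
        return (False, "missing or invalid CSRF token")
    return (True, "ok")


if __name__ == "__main__":
    admin_session = "sess-admin-1"  # constructed sample session id
    # Request caused by the admin's browser loading the embedded image.
    print(authorize_state_change("GET", admin_session, True, {}))
    # Cross-site auto-submitted form: POST, but no valid token.
    print(authorize_state_change("POST", admin_session, True, {"user_id": "X"}))
    # Form rendered by the site itself for this admin's session.
    good = {"user_id": "X", "csrf_token": csrf_token(admin_session)}
    print(authorize_state_change("POST", admin_session, True, good))
```

With a guard like this on every state-changing URL, filtering img tags out of user HTML is an extra layer and no longer the only thing standing between a forum post and an admin action.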