If you were to log in, you'd be able to get more information on your fellow community member.
I just tried to reproduce Bas's NEEDS LOGIN exploit against a V/5 5.6.2 server of mine, and it did not evaluate the Query-String: HTTP header as Tcl code.