Having Some Fun With XSS
Sometimes a security issue isn't all that serious and you just want to have a bit of fun.
Customise Your Toy Shopping Experience with XSS
An example of why escaping HTML is important when rendering user-supplied data.
Deactivating Other People's Accounts on a Retail Website
Another reason to never trust that the user is who they say they are.
