On the 2nd page of my activity history [1] there's a XSS hole. The question title of http://stackoverflow.com/questions/4549719/displaying-textarea-value-as-html appears unescaped in the activity.
(it's by the way not specifically the 2nd page, it appears on every page, see e.g. the OP in question [2])
<marquee>XSS hole in activity page</marquee>
- Michael Mrozek<blink>
? - jjnguy