*** FIXME *** Cross Site Scripting (XSS): Is one of code injection attacks where the attacker inserts some code (or data in general) in a web server in order for that web server (or the victim's web browser) to show or execute that inserted data. *** FIXME ***.There are three different types of XSS attacks according to wikipedia; however I am going to talk about the third type (Type number 2) here as it is the most interesting and dangerous.
This attack is not limited to web forums only as it can target any sites that takes input from users and displays this input later like blog comments, movies reviews, online web chatting systems, online computer games, etc. Emails can also carry such attacks but it may be called phishing, or Email fraud then.
Many solutions have been used in order to stop such attacks like disabling HTML tags or converting them to normal text before displaying them. Some forums use their own limited tags like [link:"http://www.linux.org"] or [b] and [/b] etc.