Here is a really strange bug that appears to be fixed in the latest web browser versions.
Some browsers will actually render <script> tags inside of <link>, <a href>, <div>, <img>, and possibly many other tags. See some examples on my test page. If you are running a vulnerable browser, some alert boxes will pop up. If you are running a browser where the bug has been fixed, then you won't really see much except some broken HTML code. Make sure to view the source of the page to see how the test site was setup.
Update 9/22/2011: I noticed that many mobile browsers are vulnerable to this bug, including iOS and Android Browser.