This one is almost amusing!

http://www.heise-online.co.uk/securi...--/news/110663

A cross-site scripting vulnerability on an Italian website allows attackers to inject malicious JavaScript by means of Morse code in the address