4chan was never known for high security, early versions were pretty close to pasting raw user input into HTML, which was eagerly used by griefers, for example by pasting right-to-left unicode overrides in their comments which was enough to spill to the whole page.