In fact, you can see the hacking attempt for yourself, if you click this link, and try to edit the item, by clicking the pencil button, since I have consciously left the hacking attempt as it was, to illustrate the concept. Now as the item is turned from Markdown into HTML, the script inclusion is explicitly removed, since the script tag is not on my “whitelist” – Hence, although it was a creative attempt, it didn’t succeed. Simply put, because of the entirety of Phosphorus Five, and all of its related apps, are consciously created with extremely “defensive coding”, and such simple script inclusions are definitely high up on my radar in regards to security.
For the record, if you wish to try to hack Phosphorus Five, I would appreciate it if you sent me an email at email@example.com – If you were somehow to actually succeed. And (of course) explain to me how you managed to do it.