Remember to validate the input before printing it to the browser:

• Cross Site Scripting Vulnerabilities (PDF)
• Malicious HTML Tags Embedded in Client Web Requests