I've read those in the past. The thing that amazes me is why people would waste their time to hack forum type sites. I can more understand the Target hack, where there is opportunity for profit. Maybe I am missing something, but what value could there possibly be for a hacker to place malicious code in a forum site. I know - because they can, and they are just destructive people. And because they are actually hacker want to be's. They don't have the talent to hack a well designed secure site like most financials, so they screw around with the small stuff.

They place the malicious code EVERYWHERE they can, so it can get on the system you are using right now, and exfiltrate financial or other proprietary information that they can use for a profit.
Hacking is not about graffiti and disruption anymore. That's so early mid-90s. A good "hack" is silent and unnoticed so they can proceed with their malicious intentions.
This is my primary field.

Yeah, my field too for over 30 years with a large financial institution. I'm glad I'm retired now. Writing batch programs in PL1 and Cobol seem like the good old days. The short period of client server seems like a breeze when you compare it to the complexity of keeping web transaction integrity over dozen of servers, many times some which are not under your data center control, all of which are subject to security breaches. I heard some young IT guy on Fox make a comment that his company could implement ObamaCare with a couple million bucks, saying "it is just a simple web page." Yeah right! Guy was clueless.