I find marquee extremely useful, for one reason: HTML injection.
I find it helpful to test for HTML injection vulnerabilities because marquee moves, and it's a tag that (almost) nobody intentionally uses, making it easy to identify when an attack works.
I also find it helpful to show non-technical people the effects of HTML injection, because, again, it moves. "This moves and it really shouldn't move" is something people understand better than "this text is bold and it really shouldn't be bold."
I browse Hacker News through a custom aggregator. This post is how I found out it’s susceptible to HTML injection - a (2020) was marqueeing across my screen.
I find it helpful to test for HTML injection vulnerabilities because marquee moves, and it's a tag that (almost) nobody intentionally uses, making it easy to identify when an attack works.
I also find it helpful to show non-technical people the effects of HTML injection, because, again, it moves. "This moves and it really shouldn't move" is something people understand better than "this text is bold and it really shouldn't be bold."