In this example the user entered tweet is stored and displayed without any form of encoding. This results in a Stored Cross-site scripting vulnerability.
Try to submit a tweet with HTML inside it and it will be rendered.