by chipotle_coyote 4505 days ago
I'm pretty sure that's because Markdown was written specifically for pre-processing HTML blog posts. It was never meant to be a full-on replacement for HTML, but simply a way to make the HTML that you're most likely to use when writing such a post easier to write. If I'm the only person who can post to my blog, there are no security issues introduced by using Markdown. (Or at least, no more security issues than would be introduced if I could use pure HTML for posting on my blog.)
1 comment

I've used it for that, and the inclusion of HTML is sometimes a nice "escape hatch": you can write pages mostly in Markdown, but include inline HTML when you need to add formatting or interaction to a page that Markdown's own syntax doesn't support.

Some Markdown parsers have an option to sanitize embedded HTML, e.g. Discount, and its bindings in various languages, does a very basic s/</\&lt;/g when the "no html" option is used: http://www.pell.portland.or.us/~orc/Code/discount/