You should report this to Google if you still have a copy of the code so they can prevent this individual from further transgretions of the Adsense TOS.

A website I visited once, advertised that I could put my code on their site. I contacted Google to see if this was OK, they emphatically answered "NO!".

The quicker TOS violaters and scammers are removed from Adsense, the better it is for the rest of us.

This was probably an attempt to have their adsense ads displayed and clicked on through my site.

It could have been anyone posting this code. Anyone who can read html can grab someone's code and post it anywhere they want, maybe in an attempt to get them banned.

Since the forum's editor accepts HTML

You should stop the site from accepting scripts at a minimum before someone realizes you have a playground just waiting for kiddies to play. Some idiot could come along after a night of drinking and slap a javascript redirect into some posts thinking it's the funniest thing since sliced bread as all your visitors are bounced to porn sites, anarchist sites and much worse!

It's too early to start drinking yet so you have at least 6 hours to patch the problem ;)

Anyone who can read html can grab someone's code and post it anywhere they want, maybe in an attempt to get them banned.

A malicious strategy is the subject of another thread, so I guess there are vindictive people around who think that way.

I think we have to trust Google's fraud-detection system to be able to tell the difference between the fraudster and the victim (and the fraudster posing as a victim, which I suspect we see a lot of in this forum).

Whatever happens, I guess that for the bona-fide publisher the best strategy is to be open and honest with Adsense. If the OP's situation occurred on a forum of mine, I agree that emailing Support with the details and concerns is the best thing to do.