Overzealous character escaping most likely. It's to prevent certain types of exploits when displaying user submitted content as users could post, for example, javascript code that would then run on the page. By "escaping" certain characters it prevents this. For example by changing & to &
it will instruct the browser to change it from a literal ampersand to a display ampersand. The problem then comes when some container elements don't use these display ampersands and just display the literal code. I'm sorry I couldn't explain it better.
You can see exactly what I mean if you reply to this comment and type &
then type it again but inside of a code block (inside of two backticks `)