No, HTML5 cannot cause crap to be assimilated in a bad way, though it can by extension via JavaScript; the same holds true when using a XSS attack to meet a similar purpose. Likewise, the same can be said about cookie-hijacking, too. A popular tactic these days is using the canvas exploit.
It goes back to my post above. A hack is only useful if there's a large statistical probability indicating that the attack will work. No one is going to write a modern day exploit that targets a particular browser which practically no user uses, like, lynx. On the other hand, there is a much better chance that the attack will work when you understand the psychology (specifically, that people are lazy and don't always update their software) and understand the anatomy of the exploit.