In the querry string simply add something like msg=<script>alert(‘XSS’)<script>
A script that has been injected into the database. An example would be to add the script to a comment field. Thus everytime the list of comments is display the scirpt is run. OR it could be embedded in an image file. New browsers won’t display the image but IE6 will.
DOM Based + JSON + JQuery