1) Reflected XSS into HTML context with nothing encoded

When searching for a term, it is reflected back in the result: