In the Page_Load of an ASP.NET page called inject.aspx:
Response.Write("Hello " + Request.QueryString["name"]);
Direct your browser to “…./…../inject.aspx?name=alert("script injected");”
To avoid HTML injection, change the code above to:
Response.Write("Hello " + Server.HtmlEncode(Request.QueryString["name"]));
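
Server.HtmlEncode fits the case above, where the value lands in HTML element content; a value written into an attribute or into a script block needs the encoder for that context instead. The console program below is an added example, not code from the original page: it uses HttpUtility from System.Web (the class Server.HtmlEncode calls internally), and the helper names and sample input are constructed for illustration.

```csharp
using System;
using System.Web; // HttpUtility; Server.HtmlEncode uses HttpUtility.HtmlEncode internally

static class EncodeDemo
{
    // HTML element content: the context inject.aspx writes into after "Hello ".
    static string ForHtmlBody(string s)
    {
        return HttpUtility.HtmlEncode(s ?? string.Empty);
    }

    // Value placed inside a double-quoted HTML attribute.
    static string ForHtmlAttribute(string s)
    {
        return HttpUtility.HtmlAttributeEncode(s ?? string.Empty);
    }

    // Value placed inside a JavaScript string literal.
    // The second argument makes the method add the surrounding double quotes.
    static string ForJsString(string s)
    {
        return HttpUtility.JavaScriptStringEncode(s ?? string.Empty, true);
    }

    static void Main()
    {
        // Constructed sample standing in for Request.QueryString["name"].
        string name = "<b>Bob</b> \"quoted\" & 'co'";

        // Same value, three output contexts, one encoder per context.
        Console.WriteLine("Hello " + ForHtmlBody(name));
        Console.WriteLine("<input value=\"" + ForHtmlAttribute(name) + "\">");
        Console.WriteLine("<script>var n = " + ForJsString(name) + ";</script>");

        // A missing query-string parameter is null; the helpers treat it as empty.
        Console.WriteLine("Hello " + ForHtmlBody(null));
    }
}
```

Viewing the printed lines side by side shows that each encoder escapes a different set of characters, which is why the encoder has to match where the value is written.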