There are multiple ways to bypass filtering functions and conduct cross-site scripting attacks.
vulners.com/securityvulns/securityvulns:doc:16602