Found Simple Reflected XSS with a simple enumeration
Mar 1, 2020
How a little enumeration helped me find a simple XSS in a search box.
Website name changed to redacted.com
I was trying to find something on the main website but was not able to get anything good.
Then I started extracting the subdomains; the tool I used for subdomain listing is Sublist3r.
I found a subdomain, blog.redacted.com, and saw a search box. I simply inserted <script>alert(1)</script> in the search box and the payload executed.
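The flaw behind this finding, and its fix, as an added example that is not part of the original post and not the site's code: a search handler that reflects the term unencoded, next to a hardened version with context-aware output encoding, a CSP header, and a regression check. The handler functions and the `q` parameter name are assumptions, since the post does not show the blog's server side.

```python
import html
from urllib.parse import parse_qs

# Assumption: the post does not show the blog's server code; these handlers and
# the "q" parameter name are hypothetical stand-ins for a search results page.

def render_vulnerable(query_string: str) -> str:
    """Reflects the search term into HTML unchanged (the flaw in the post)."""
    term = parse_qs(query_string).get("q", [""])[0]
    return f"<h2>Results for {term}</h2>"

def render_hardened(query_string: str) -> str:
    """Encodes the term for the HTML contexts it is written into."""
    term = parse_qs(query_string).get("q", [""])[0]
    # quote=True also encodes " and ', so the value stays inert in attributes.
    safe = html.escape(term, quote=True)
    return (f"<h2>Results for {safe}</h2>"
            f'<input name="q" value="{safe}">')

# Defence in depth: a response header that blocks inline scripts even if an
# encoding step is missed somewhere else in the template.
CSP_HEADER = ("Content-Security-Policy",
              "default-src 'self'; script-src 'self'; object-src 'none'")

def reflects_markup(body: str, term: str) -> bool:
    """Regression check: True if a term with markup characters comes back raw."""
    return any(c in term for c in "<>\"'") and term in body

# Constructed request carrying the probe from the post, URL-encoded.
SAMPLE_QS = "q=%3Cscript%3Ealert(1)%3C%2Fscript%3E"
SAMPLE_TERM = "<script>alert(1)</script>"

if __name__ == "__main__":
    for fn in (render_vulnerable, render_hardened):
        body = fn(SAMPLE_QS)
        print(fn.__name__, "reflects raw markup:",
              reflects_markup(body, SAMPLE_TERM))
```

A check like `reflects_markup` belongs in the test suite of every subdomain that renders user input, not only the main site, since the post's finding was on a blog subdomain.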