Just thought about letting you know about this: most domain registrars will not filter what you put on your REGISTRANT CONTACT INFO and WILL allow the script tag! As you know, being able to run scripts, the sky is the limit.
Whois XSS // Black Hat Domainer
Whois XSS // Black Hat Domainer