I was injecting the script so the cookies would be sent to an email, the error was that in the search i was injecting into returned an error stating the search does not read the * and ? characters. I was using a ? in the xss script as
I am assuming this means I need to configure the injection to where I will not have to use the ? character. However I closed the search:
and then added the script.
Just looking for a bit of assistance.