This lab is to go with the Split XSS blog post.
The challenge is to get a working, and useful, XSS exploit within the limits of the two forms. I've given you jQuery, it is possible to do it without it, but it may require a short domain name for the first exercise.
In the real world the values would be saved and the XSS persistent rather than reflected as it is here.
Lab created by Robin Wood - DigiNinja