DOM XSS in `document.write` sink using source `location.search`¶

This looks like the vulnerable snippet:

<script>
  function trackSearch(query) {
    document.write('<img src="/resources/images/tracker.gif?searchTerms='+query+'">');
  }
  var query = (new URLSearchParams(window.location.search)).get('search');
  if(query) {
    trackSearch(query);
  }
</script>

DOM Invader solves this one in a few seconds:

Clicking "Exploit" solves the lab.

DOM XSS in document.write sink using source location.search¶

DOM XSS in `document.write` sink using source `location.search`¶