Starbucks: DOM XSS on app.starbucks.com via ReturnUrl

Summary: XSS Can be achieved via the ReturnUrl when signing in on app.starbucks.com Platforms Affected: app.starbucks.com Steps To Reproduce: 1. Visit https://app.starbucks.com/account/signin?ReturnUrl=%09Jav%09ascript:alertdocument.domain 2. Sign in Supporting Material/References: F461364 How ca...