7500$ worth DOM XSS in Facebook Mobile Site

I was recently targeting adobe website for any vulnerabilities.I came to know that they were using (facebook/gmail) login to sign in instantly.when i clicked the ‘signin with facebook’,Facebook app login page was loaded.I just checked the url and saw there was a ‘cancel_url’ parameter,Which holds the url to which it redirects if the user choose to cancel the login process.The page redirects to adobe.com(source/origin) when ‘not now’ is clicked.I checked the source code of the page and saw that the url to redirect was stored in ‘href’ attribute

<a href=”https://adobe.com”/>

I was wondering if it was vulnerable to xss.So i checked by inputting javascript pseudo protocol ‘javascript:prompt(1)’ and clicked the ‘not now’,And i was shocked to see prompt 🤤..cool..Now what could an xss on a login page could do?.🤔

password and username can be stealed if the user choose to exit(clicking not now) rather than logging in 😁.Here is a test to just popup the facebook username entered by user ..when the ‘not now’ is clicked

https://m.facebook.com/login.php?skip_api_login=1&api_key=531310443646320&signed_next=1&next=https://m.facebook.com/v2.5/dialog/oauth&cancel_url=javascript:var+test=document.getElementById(%27m_login_email%27).value;prompt(test);

Facebook responded to the issue quickly and fixed the issue within hours 😊 and as bounty they paid me 7500$