Monday, January 28, 2019

Crate & Barrel: Twitter Sharing: No working link back to website from Tweets generated from within the app

Crate & Barrel app (version 4.8)
Date: 01/29/2019

Description:

There is no working link back to the app or the website from within a tweet generated by sharing an item.

There is only a photograph - no working link.



Steps to Reproduce:
1. Download and launch the app
2. Select "Shop"
3. Select any item
4. Scroll down to the "Share and Save" option for any item
5. Select the Twitter share option

Result: Only a photograph of the item you chose to share - no working link back to the website

Expected: Should always be a working link.

Monday, January 21, 2019

Bartels Giant Burger App for iOS - vulnerable to self directed Cross Site Scripting error

Bartels Giant Burger app for iOS
Date: 1/22/2019

Description:

The Bartels Giant Burger app is vulnerable to a self directed, cross site scripting error. This occurs after the user enters in a term like "<plaintext>" into the location search box.

I would assume that a number of other XSS errors can be triggered in this box.

This is easier to show than it is to describe, so please see the attached video:



Steps to Reproduce:
1. Download the Bartels Giant Burger app
2. Launch the app
3. Select "Locations" from the sidebar
4. From the "Find Your Store" screen, click inside the "Zip or City, State" input box
5. Enter in "<plaintext>" and run a search

Result: A search of "<plaintext>" in the "Find Your Store" location box of the Bartels Giant Burger app results in an XSS error

Expected: A search of "<plaintext>" in the "Find Your Store" location box in the Bartels Giant Burger app should not result in an XSS error
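
The "Expected" behaviour above can be written as a regression check. `<plaintext>` is a convenient harmless probe because a browser or web view that receives it unencoded renders everything after it as literal text, so the breakage is immediately visible. The code below is an added example, not code from the app: the function names, the markup and the sample search terms are assumptions, and it shows the unencoded reflection beside the encoded one.

```javascript
// Added example: hypothetical rendering of a store-locator result message.
// All names and markup here are assumptions, not taken from the app.

const HTML_ESCAPES = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#39;',
};

// Encode a value for an HTML text or quoted-attribute context.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: the search term is concatenated into markup as-is.
function renderResultsUnsafe(term) {
  return '<p class="msg">No stores found for "' + term + '"</p>';
}

// Hardened pattern: the term is encoded before it reaches the markup.
function renderResultsSafe(term) {
  return '<p class="msg">No stores found for "' + escapeHtml(term) + '"</p>';
}

// Count tag openers ("<p", "</", "<!") in a rendered fragment.
function countTagOpeners(html) {
  return (html.match(/<[a-zA-Z\/!?]/g) || []).length;
}

// True when rendering the probe yields more tags than rendering a benign
// term, i.e. the user's input was interpreted as markup.
function introducesMarkup(render, probe) {
  const baseline = countTagOpeners(render('94103')); // constructed benign term
  return countTagOpeners(render(probe)) > baseline;
}

// Constructed sample inputs: the probe from the report plus ordinary searches.
const PROBES = ['<plaintext>', 'Oakland, CA', "O'Fallon, MO", 'A&W'];

for (const probe of PROBES) {
  console.log(JSON.stringify(probe),
    'unsafe:', introducesMarkup(renderResultsUnsafe, probe),
    'safe:', introducesMarkup(renderResultsSafe, probe));
}
```
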

Monday, January 7, 2019

W.W. Grainger, Inc. For iPad App - Single Space Searches Crash the App

W.W. Grainger App for iOS (version 5.20.0)
Date: 01/07/2019

Description:

The W.W. Grainger, Inc. app for iOS will crash if the user runs a search for a single space in the location search bar. This is easier to show than it is to describe, so please take a look at a video of the crash:


Steps to Reproduce:

1. Download and launch the W.W. Grainger App for iOS
2. (after not allowing location access) Select "Branches"
3. Click inside the "Enter city, state, ZIP or country" input box
4. Press the spacebar once
5. Click on "Search"

Result: Running a search for a press of the spacebar crashes the app

Expected: Running a search for a press of the spacebar should not crash the app


Saturday, January 5, 2019

Chewy app for iPad - The "Forgot your password?" link doesn't seem to work on the Account page

Chewy app for iOS (version 3.0.1)
Date: 01/05/2019

Description:

The "Forgot your password?" link on the Account page for the iOS app isn't working for me. During regular use, I went back to this area, after being logged out of my account. From the "Account" page, the "Forgot your password?" link does not work. It works in other areas of the app, but not from here.


Steps to reproduce:

1. Download and launch the Chewy app
2. Select the "Account" icon in the bottom right of the screen
3. Select any option under "My Info" (My Pets, Order History, Payment Methods, Addresses)
4. Click on "Forgot your password?"

Result: The "Forgot your password?" link is not working for me on the Account page of the iOS app

Expected: The "Forgot your password?" link should work