[buy.coinbase.com] Content Injection
Low
Coinbase
Reported by
0xspade
Vulnerability Details
Technical details and impact analysis
# Hello Coinbase
### Details
I'm not sure if this issue will count; I just want to make sure, which is why I am submitting it. The parameter `code` is vulnerable to content injection, allowing me to inject any text.
### Proof Of Concept
Here is my PoC:
{F173393}
And this, in which the text overlaps the modal:
{F173394}
### PoC Link
`https://buy.coinbase.com/widget?code=<Content Injection here>&address=1234567890&crypto_currency=BTC`
Best Regards,
@phspade
Report Details
Additional information and metadata
State
Closed
Substate
Resolved