ZITADEL: Stored XSS via Default URI Redirect Leads to Account Takeover