Account take over of 'light' starbuckscardb2b users
High
Vulnerability Details
This issue was found on https://www.starbuckscardb2b.com. This website belongs to Starbucks, and since it is a critical vulnerability I am reporting it.
Issue: An attacker can take over a victim's account by creating a new account with the victim's (already registered) email address.
Steps to reproduce are as follows:
1. Open https://www.starbuckscardb2b.com and go to create account.
2. For example, a user successfully creates an account with `[email protected]` and password `12345678`.
3. Now the attacker creates an account with the email used in step 2, `[email protected]`, and a different password.
4. After step 3 completes, the password for the `[email protected]` user is set to the password chosen by the attacker.
5. This results in the account being taken over by the attacker.
## Impact
An attacker can take over the account of any registered user, and therefore of all registered users.
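As an added illustration of the flaw described above (constructed example code, not the site's implementation), the vulnerable "insert-or-update on email" registration pattern is shown beside a version that refuses to modify an existing account; the in-memory store, hashing scheme and email values are assumptions.

```python
# Constructed example: registration that overwrites an existing account
# (the reported behaviour) beside a hardened variant that never does.
import hashlib
import hmac
import os

# Constructed store: email -> (salt, password hash). No real accounts.
users: dict[str, tuple[bytes, bytes]] = {}

def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def _norm(email: str) -> str:
    # Case-insensitive key so "A@x" and "a@x" map to one account.
    return email.strip().lower()

def register_vulnerable(email: str, password: str) -> bool:
    # Vulnerable pattern: an upsert keyed on email. A second registration
    # with a known address silently replaces the victim's credentials.
    salt = os.urandom(16)
    users[_norm(email)] = (salt, _hash(password, salt))
    return True

def register_safe(email: str, password: str) -> bool:
    # Hardened: an existing row is never created or modified. The web layer
    # should return the same "check your email" response in both cases so the
    # outcome does not reveal whether the address is already registered.
    key = _norm(email)
    if key in users:
        return False  # existing account left untouched; only notify the owner
    salt = os.urandom(16)
    users[key] = (salt, _hash(password, salt))
    return True

def login(email: str, password: str) -> bool:
    entry = users.get(_norm(email))
    if entry is None:
        return False
    salt, digest = entry
    return hmac.compare_digest(_hash(password, salt), digest)

def demo() -> dict[str, bool]:
    # Replays the report's steps against both variants with constructed values.
    users.clear()
    register_vulnerable("victim@example.com", "12345678")
    register_vulnerable("victim@example.com", "attacker-pw")
    victim_locked_out = not login("victim@example.com", "12345678")
    users.clear()
    register_safe("victim@example.com", "12345678")
    second_attempt = register_safe("Victim@Example.com", "attacker-pw")
    return {"vulnerable_flow_resets_password": victim_locked_out,
            "safe_flow_rejects_duplicate": not second_attempt,
            "safe_flow_keeps_victim_login": login("victim@example.com", "12345678")}
```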
Report Stats
- Report ID: 767829
- State: Closed
- Substate: resolved
- Upvotes: 29