It has an XSS vulnerability baked in - if you add a `?continue=javascript:alert('Hi')`, you'll see a button below the easter egg text