CVE-2014-0647
The Starbucks iOS app version 2.6.1 stores credentials and other sensitive user data in plaintext inside the Crashlytics log file (/Library/Caches/com.crashlytics.data/com.starbucks.mystarbucks/session.clslog). The data exposed include usernames, email addresses, and passwords, enabling an attack...