CVE-2019-11384
The CVE-2019-11384 entry describes the Zalora Android app (version 6.15.1) storing credentials in plaintext under /data/data/com.zalora.android/shared_prefs/login_data.xml, enabling a non-root user to retrieve the username/password. The vulnerability is due to insecure local storage of sensitive ...