CVE-2018-17403
PhonePe wallet (com.PhonePe.app) on Android, versions 3.0.6–3.3.26, is vulnerable to user impersonation and unauthorized account setup via a malicious app that users must explicitly install and grant Accessibility permission to. This capability relies on the Android Accessibility framework and is...