Type: Task
Resolution: Done
Priority: Medium
Affects Version/s: None
Sprint: FLW Sprint 37, FLW Sprint 38, FLW Sprint 39, FLW Sprint 40, FLW Sprint 41, FLW Sprint 42, FLW Sprint 43
FLW Mobile App
All
Application content is visible in the task switcher snapshot.
Impact: Sensitive screen data exposed to shoulder-surfing and snapshot extraction.
Vulnerability Name: Android Application
Vulnerable URL: Task Switching
CVE/CWE: CWE-1021
CVSS Score: 3.2
Overall Risk (Severity): Low

Observation / Description:
A Task Switching vulnerability in an Android application occurs when sensitive information or activities are not properly secured during the transition between the application and other tasks, such as when the app is sent to the background or when the user switches between applications.

Impact:
- Data Exposure: Sensitive data, such as authentication tokens, may be exposed to other applications or the system during task switching.
- Privacy Violation: User privacy may be compromised if sensitive activities, like password input, are visible in recent apps or screenshots.
- Session Hijacking: Inadequate protection during task switching may lead to session hijacking, allowing attackers to exploit the application's context.

Recommendation:
- Secure Data Storage: Ensure that sensitive data is securely stored and encrypted, reducing the risk of exposure during task switching.
- Session Management: Implement secure session management practices to protect user sessions from being hijacked during task transitions.
- Clear Sensitive Data: Clear sensitive data from memory or variables when the application is sent to the background to prevent leakage.
- Use Secure Input Fields: Mask or secure sensitive input fields, such as passwords, to prevent them from being visible during task switching.
- Activity Lifecycle Management: Understand and manage the Android Activity Lifecycle to implement appropriate security measures during transitions.

Reference: https://cwe.mitre.org/data/definitions/368.html

Steps to reproduce:
Step 1: During the security assessment, we observed that when the application was sent to the background, the information or activities were not properly secured during the transition between the application and other tasks.
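One way to implement the "Clear Sensitive Data" and Activity Lifecycle recommendations above on Android, as an added example that is not the FLW app's own code: the window is marked secure so the task switcher snapshot does not capture it, and the password field is wiped when the activity leaves the foreground. `LoginActivity`, `R.layout.activity_login` and `R.id.password` are assumed names.

```kotlin
import android.os.Build
import android.os.Bundle
import android.view.WindowManager
import android.widget.EditText
import androidx.appcompat.app.AppCompatActivity

// Hypothetical screen that handles a password field; the layout and view ids
// are assumed resource names, not taken from the FLW app.
class LoginActivity : AppCompatActivity() {

    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)
        // FLAG_SECURE marks the window content as secure: it is excluded from
        // screenshots, screen recording and the recents (task switcher) thumbnail,
        // and is rendered blank on non-secure displays.
        window.setFlags(
            WindowManager.LayoutParams.FLAG_SECURE,
            WindowManager.LayoutParams.FLAG_SECURE
        )
        // API 33+ offers a narrower switch that suppresses only the recents
        // snapshot while still allowing user screenshots. FLAG_SECURE already
        // covers it; it is shown for screens where FLAG_SECURE is too restrictive.
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.TIRAMISU) {
            setRecentsScreenshotEnabled(false)
        }
        setContentView(R.layout.activity_login)
    }

    override fun onPause() {
        super.onPause()
        // Defence in depth: clear the sensitive field when the activity leaves
        // the foreground, so no stale secret is shown if the user returns via recents.
        findViewById<EditText>(R.id.password).text.clear()
    }
}
```

To verify the fix, open the protected screen, send the app to the background and open the task switcher: the app's thumbnail should appear blank rather than showing the screen content.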