An issue in the android:requestLegacyExternalStorage attribute of coinmarketcap v4.35.1 allows attackers to access directories and different types of media files stored in external storage.

coinmarketcap 4.35.1