j. Application is Vulnerable To Simultaneous Login [12] ................ 37 k. Application's Request/Response Reveals Sensitive Information[13] 37 1. SSL Pinning Can Be Bypassed [14] ..........................................., 38 m Insecure Data Storage in File System [15]. , 38 n. Insecure Content Security Policy (Csp)/X-Frame-Options [16] ... 38 0. Missing HSTS Header [17] ., 38