Clear text traffic is allowed for all domains
Your app’s network security configuration allows clear text traffic for all domains. This could allow attackers to intercept data sent by your app. If this information is confidential or personally identifiable, it may affect users’ privacy.
We recommend only allowing encrypted traffic by setting the cleartextTrafficPermitted flag to false or adding an encryption policy for specific domains.