Security: vulnerability in the system stored credentials
Reported by nico...@gmail.com, Sep 3 2016
Issue description
There is a very serious vulnerability in the system stored credentials that allows any attacker with access to the victim's browser to obtain the password stored in a site without knowing a general system password.
DETAIL OF VULNERABILITY
When accessing a login page whose credentials are stored, they are loaded into the document structure and can be accessed very easily, for example, by placing a script in the address bar.
VERSION
Chrome Version: all.
Chromium Version: all.
Operating System: all.
REPRODUCTION CASE
1) Open the login page whose credentials are stored
2) Select inspect element to find the id of the input containing the password.
3) Place the following script in the address bar and press enter:
javascript:alert(document.getElementById("user_password").value);
Regards!
Comment 1 by wfh@chromium.org, Sep 3 2016
Status: WontFix (was: Unconfirmed)