Security: Discovering credit card number through Chrome autocomplete
Reported by
hunterda...@gmail.com,
Jul 29 2017
Issue description

VULNERABILITY DETAILS
A user with access to our device on which we have saved credit card details can easily discover its number.

VERSION
Chrome Version: [59.0.3071.125] + [stable]
Operating System: Android 7.0

REPRODUCTION CASE
Having a phone with saved payment card data in Chrome, you can easily discover its number. All we need is an HTML form with a text box labeled autocomplete="cc-number".

Assume our card number is 370141735165858. We enter the first number, from 0 to 9, waiting for the autocompletion box to appear. If it appears, we know that this number exists in the number of our card. We entered 0 and a popup window came up. This means that this number occurs in our card. We enter the second number: 0 - nothing, 1 pops up the autocompletion window. This means that the string 01 occurs in our credit card number. We enter the third number: 0 nothing, 1 nothing, 2 nothing, 3 nothing, 4 a window pops up. We continue until the very end of our credit card number.

Additionally, we know the last 4 card numbers from the popup window. This allows us to determine where we find the string we have guessed. Using the method as described above, we get to 0141735165858. We are missing the first two numbers, but we can easily guess them using the method as described above (0-9). The entire process is much faster if we correctly guess or know the first few credit card numbers.

Of course, to use a credit card we still need a CVV / CVV2 code. However, we may know it from another source or guess it.

I also checked this on desktop Chrome, but there, after entering a few digits, the autocomplete window disappears.
Nov 5 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by elawrence@chromium.org, Jul 29 2017
Status: WontFix (was: Unconfirmed)
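
A small model of the popup behaviour described in the issue, added here as an example and not taken from Chrome or from the reporter: it replays the digit-by-digit procedure against two display policies and returns the digits each one confirms. The function names and the three-digit cutoff are assumptions; the card number is the one the report assumes.

```javascript
// Model only: this is not Chrome's autofill code.
const SAVED_CARD = "370141735165858"; // the number the report assumes

// Policy A (reported on Android): the popup appears whenever the typed
// digits occur anywhere in the saved number.
function substringPolicy(typed) {
  return SAVED_CARD.includes(typed);
}

// Policy B (reported on desktop): the popup stops appearing after a few
// digits. The cutoff of 3 is an assumption; the report only says "a few".
function cappedPolicy(typed, maxDigits = 3) {
  return typed.length <= maxDigits && SAVED_CARD.includes(typed);
}

// Replays the report's procedure: extend the typed string one digit at a
// time, keeping a digit only when the popup is shown. Returns the digits
// that the popup confirmed.
function confirmedDigits(popupShown) {
  let known = "";
  for (;;) {
    const next = "0123456789".split("").find((d) => popupShown(known + d));
    if (next === undefined) return known;
    known += next;
  }
}

// Side-by-side result for both policies.
function leakReport() {
  return {
    substring: confirmedDigits(substringPolicy),
    capped: confirmedDigits((typed) => cappedPolicy(typed)),
  };
}

console.log(leakReport());
```

Under the substring policy the popup confirms everything except the two leading digits, as the report states; with the cutoff, only the digits typed before the popup is suppressed are confirmed.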