CVE-2020-2297
The CVE-2020-2297 entry concerns Jenkins SMS Notification Plugin versions 1.2 and earlier, where an access token is stored unencrypted in the global configuration file on the Jenkins controller. The file com.hoiio.jenkins.plugin.SMSNotification.xml can be viewed by users with filesystem access, e...