CVE-2021-26550
An issue was discovered in SmartFoxServer 2.17.0. Cleartext password disclosure can occur via /config/server.xml.
Date published : 2021-02-09
http://packetstormsecurity.com/files/161337/SmartFoxServer-2X-2.17.0-Credential-Disclosure.html