XML External Entity (XXE) Vulnerability in S3 Browser before 8.1.5
CVE-2018-20298 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:N/A:N
S3 Browser before 8.1.5 contains an XML external entity (XXE) vulnerability, allowing remote attackers to read arbitrary files and obtain NTLMv2 hash values by tricking a user into connecting to a malicious server via the S3 protocol.
Learn more about our Cis Benchmark Audit For Server Software.