EPSS
Percentile
64.8%
S3 Browser before 8.1.5 contains an XML external entity (XXE) vulnerability, allowing remote attackers to read arbitrary files and obtain NTLMv2 hash values by tricking a user into connecting to a malicious server via the S3 protocol.
s3browser.com/news.aspx
www.ptsecurity.com/ww-en/analytics/threatscape/pt-2018-34/