CVE-2018-20298
CVE-2018-20298 concerns S3 Browser prior to 8.1.5 with an XML external entity (XXE) vulnerability in the S3 protocol. An attacker can lure a user to connect to a malicious server, causing the application to read local files and reveal NTLMv2 hashes via XML-based responses. Multiple connected sour...