CVE-2023-42361

HIGH

Better PDF Exporter for Jira < 11.0.0 - Local File Inclusion via Crafted Image in PDF Export

Title source: llm
STIX 2.1

Description

Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira Data Center v.10.3.0 and before allows an attacker to view arbitrary files and cause other impacts via use of crafted image during PDF export.

References (3)

Core 3

Scores

CVSS v3 7.8
EPSS 0.0093
EPSS Percentile 55.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-918
Status published
Products (1)
midori-global/better_pdf_exporter < 11.0.0 (2 CPE variants)
Published Nov 07, 2023
Tracked Since Feb 18, 2026