{"api_version":"1","generated_at":"2026-04-21T12:40:36+00:00","cve":"CVE-2023-42361","urls":{"html":"https://cve.report/CVE-2023-42361","api":"https://cve.report/api/cve/CVE-2023-42361.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-42361","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-42361"},"summary":{"title":"CVE-2023-42361","description":"Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira Data Center v.10.3.0 and before allows an attacker to view arbitrary files and cause other impacts via use of crafted image during PDF export.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2023-11-07 22:15:00","updated_at":"2023-11-15 15:36:00"},"problem_types":["CWE-918"],"metrics":[],"references":[{"url":"https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions&hosting=server","name":"https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions&hosting=server","refsource":"","tags":[],"title":"Better PDF Exporter for Jira | Atlassian Marketplace","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions&hosting=datacenter","name":"https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions&hosting=datacenter","refsource":"","tags":[],"title":"Better PDF Exporter for Jira | Atlassian Marketplace","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://gccybermonks.com/posts/pdfjira/","name":"https://gccybermonks.com/posts/pdfjira/","refsource":"","tags":[],"title":"Better PDF Exporter (Jira Plugin) [CVE 2023-42361]","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-42361","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-42361","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"42361","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"midori-global","cpe5":"better_pdf_exporter","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"jira_data_center","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"42361","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"midori-global","cpe5":"better_pdf_exporter","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"jira_server","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2023-42361","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira Data Center v.10.3.0 and before allows an attacker to view arbitrary files and cause other impacts via use of crafted image during PDF export."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"url":"https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions&hosting=server","refsource":"MISC","name":"https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions&hosting=server"},{"url":"https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions&hosting=datacenter","refsource":"MISC","name":"https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions&hosting=datacenter"},{"refsource":"MISC","name":"https://gccybermonks.com/posts/pdfjira/","url":"https://gccybermonks.com/posts/pdfjira/"}]}},"nvd":{"publishedDate":"2023-11-07 22:15:00","lastModifiedDate":"2023-11-15 15:36:00","problem_types":["CWE-918"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:midori-global:better_pdf_exporter:*:*:*:*:*:jira_data_center:*:*","versionEndExcluding":"11.0.0","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:midori-global:better_pdf_exporter:*:*:*:*:*:jira_server:*:*","versionEndExcluding":"11.0.0","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}