Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
4 vulnerabilities by midori-global
CVE-2023-42361 (GCVE-0-2023-42361)
Vulnerability from nvd – Published: 2023-11-07 00:00 – Updated: 2024-09-05 13:22
VLAI
Summary
Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira Data Center v.10.3.0 and before allows an attacker to view arbitrary files and cause other impacts via use of crafted image during PDF export.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| midori-global | better_pdf_exporter |
Affected:
0 , < 10.3.0
(custom)
cpe:2.3:a:midori-global:better_pdf_exporter:-:*:*:*:*:jira_data_center:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:16:51.122Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions\u0026hosting=server"
},
{
"tags": [
"x_transferred"
],
"url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions\u0026hosting=datacenter"
},
{
"tags": [
"x_transferred"
],
"url": "https://gccybermonks.com/posts/pdfjira/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:midori-global:better_pdf_exporter:-:*:*:*:*:jira_data_center:*:*"
],
"defaultStatus": "unknown",
"product": "better_pdf_exporter",
"vendor": "midori-global",
"versions": [
{
"lessThan": "10.3.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42361",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T13:18:01.717397Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T13:22:24.342Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira Data Center v.10.3.0 and before allows an attacker to view arbitrary files and cause other impacts via use of crafted image during PDF export."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-07T21:50:02.539Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions\u0026hosting=server"
},
{
"url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions\u0026hosting=datacenter"
},
{
"url": "https://gccybermonks.com/posts/pdfjira/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-42361",
"datePublished": "2023-11-07T00:00:00.000Z",
"dateReserved": "2023-09-08T00:00:00.000Z",
"dateUpdated": "2024-09-05T13:22:24.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36131 (GCVE-0-2022-36131)
Vulnerability from nvd – Published: 2022-07-22 12:36 – Updated: 2024-08-03 10:00
VLAI
Summary
The Better PDF Exporter add-on 10.0.0 for Atlassian Jira is prone to stored XSS via a crafted description to the PDF Templates overview page.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://marketplace.atlassian.com/apps/5167/bette… | x_refsource_MISC |
| https://www.syss.de/fileadmin/dokumente/Publikati… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:00:01.369Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=overview\u0026hosting=server"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-038.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Better PDF Exporter add-on 10.0.0 for Atlassian Jira is prone to stored XSS via a crafted description to the PDF Templates overview page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-22T12:36:36.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=overview\u0026hosting=server"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-038.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-36131",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Better PDF Exporter add-on 10.0.0 for Atlassian Jira is prone to stored XSS via a crafted description to the PDF Templates overview page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=overview\u0026hosting=server",
"refsource": "MISC",
"url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=overview\u0026hosting=server"
},
{
"name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-038.txt",
"refsource": "MISC",
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-038.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-36131",
"datePublished": "2022-07-22T12:36:36.000Z",
"dateReserved": "2022-07-18T00:00:00.000Z",
"dateUpdated": "2024-08-03T10:00:01.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-42361 (GCVE-0-2023-42361)
Vulnerability from cvelistv5 – Published: 2023-11-07 00:00 – Updated: 2024-09-05 13:22
VLAI
Summary
Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira Data Center v.10.3.0 and before allows an attacker to view arbitrary files and cause other impacts via use of crafted image during PDF export.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| midori-global | better_pdf_exporter |
Affected:
0 , < 10.3.0
(custom)
cpe:2.3:a:midori-global:better_pdf_exporter:-:*:*:*:*:jira_data_center:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:16:51.122Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions\u0026hosting=server"
},
{
"tags": [
"x_transferred"
],
"url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions\u0026hosting=datacenter"
},
{
"tags": [
"x_transferred"
],
"url": "https://gccybermonks.com/posts/pdfjira/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:midori-global:better_pdf_exporter:-:*:*:*:*:jira_data_center:*:*"
],
"defaultStatus": "unknown",
"product": "better_pdf_exporter",
"vendor": "midori-global",
"versions": [
{
"lessThan": "10.3.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42361",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-05T13:18:01.717397Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T13:22:24.342Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira Data Center v.10.3.0 and before allows an attacker to view arbitrary files and cause other impacts via use of crafted image during PDF export."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-07T21:50:02.539Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions\u0026hosting=server"
},
{
"url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions\u0026hosting=datacenter"
},
{
"url": "https://gccybermonks.com/posts/pdfjira/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-42361",
"datePublished": "2023-11-07T00:00:00.000Z",
"dateReserved": "2023-09-08T00:00:00.000Z",
"dateUpdated": "2024-09-05T13:22:24.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36131 (GCVE-0-2022-36131)
Vulnerability from cvelistv5 – Published: 2022-07-22 12:36 – Updated: 2024-08-03 10:00
VLAI
Summary
The Better PDF Exporter add-on 10.0.0 for Atlassian Jira is prone to stored XSS via a crafted description to the PDF Templates overview page.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://marketplace.atlassian.com/apps/5167/bette… | x_refsource_MISC |
| https://www.syss.de/fileadmin/dokumente/Publikati… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:00:01.369Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=overview\u0026hosting=server"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-038.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Better PDF Exporter add-on 10.0.0 for Atlassian Jira is prone to stored XSS via a crafted description to the PDF Templates overview page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-22T12:36:36.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=overview\u0026hosting=server"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-038.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-36131",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Better PDF Exporter add-on 10.0.0 for Atlassian Jira is prone to stored XSS via a crafted description to the PDF Templates overview page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=overview\u0026hosting=server",
"refsource": "MISC",
"url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=overview\u0026hosting=server"
},
{
"name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-038.txt",
"refsource": "MISC",
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-038.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-36131",
"datePublished": "2022-07-22T12:36:36.000Z",
"dateReserved": "2022-07-18T00:00:00.000Z",
"dateUpdated": "2024-08-03T10:00:01.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}