Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    4 vulnerabilities by midori-global

    CVE-2023-42361 (GCVE-0-2023-42361)

    Vulnerability from nvd – Published: 2023-11-07 00:00 – Updated: 2024-09-05 13:22
    VLAI
    Summary
    Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira Data Center v.10.3.0 and before allows an attacker to view arbitrary files and cause other impacts via use of crafted image during PDF export.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Impacted products
    Vendor Product Version
    midori-global better_pdf_exporter Affected: 0 , < 10.3.0 (custom)
        cpe:2.3:a:midori-global:better_pdf_exporter:-:*:*:*:*:jira_data_center:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T19:16:51.122Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions\u0026hosting=server"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions\u0026hosting=datacenter"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gccybermonks.com/posts/pdfjira/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:midori-global:better_pdf_exporter:-:*:*:*:*:jira_data_center:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "better_pdf_exporter",
                "vendor": "midori-global",
                "versions": [
                  {
                    "lessThan": "10.3.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-42361",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-05T13:18:01.717397Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-05T13:22:24.342Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira Data Center v.10.3.0 and before allows an attacker to view arbitrary files and cause other impacts via use of crafted image during PDF export."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-07T21:50:02.539Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions\u0026hosting=server"
            },
            {
              "url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions\u0026hosting=datacenter"
            },
            {
              "url": "https://gccybermonks.com/posts/pdfjira/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-42361",
        "datePublished": "2023-11-07T00:00:00.000Z",
        "dateReserved": "2023-09-08T00:00:00.000Z",
        "dateUpdated": "2024-09-05T13:22:24.342Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-36131 (GCVE-0-2022-36131)

    Vulnerability from nvd – Published: 2022-07-22 12:36 – Updated: 2024-08-03 10:00
    VLAI
    Summary
    The Better PDF Exporter add-on 10.0.0 for Atlassian Jira is prone to stored XSS via a crafted description to the PDF Templates overview page.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T10:00:01.369Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=overview\u0026hosting=server"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-038.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Better PDF Exporter add-on 10.0.0 for Atlassian Jira is prone to stored XSS via a crafted description to the PDF Templates overview page."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-07-22T12:36:36.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=overview\u0026hosting=server"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-038.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2022-36131",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Better PDF Exporter add-on 10.0.0 for Atlassian Jira is prone to stored XSS via a crafted description to the PDF Templates overview page."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=overview\u0026hosting=server",
                  "refsource": "MISC",
                  "url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=overview\u0026hosting=server"
                },
                {
                  "name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-038.txt",
                  "refsource": "MISC",
                  "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-038.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2022-36131",
        "datePublished": "2022-07-22T12:36:36.000Z",
        "dateReserved": "2022-07-18T00:00:00.000Z",
        "dateUpdated": "2024-08-03T10:00:01.369Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-42361 (GCVE-0-2023-42361)

    Vulnerability from cvelistv5 – Published: 2023-11-07 00:00 – Updated: 2024-09-05 13:22
    VLAI
    Summary
    Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira Data Center v.10.3.0 and before allows an attacker to view arbitrary files and cause other impacts via use of crafted image during PDF export.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    Impacted products
    Vendor Product Version
    midori-global better_pdf_exporter Affected: 0 , < 10.3.0 (custom)
        cpe:2.3:a:midori-global:better_pdf_exporter:-:*:*:*:*:jira_data_center:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T19:16:51.122Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions\u0026hosting=server"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions\u0026hosting=datacenter"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gccybermonks.com/posts/pdfjira/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:midori-global:better_pdf_exporter:-:*:*:*:*:jira_data_center:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "better_pdf_exporter",
                "vendor": "midori-global",
                "versions": [
                  {
                    "lessThan": "10.3.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-42361",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-05T13:18:01.717397Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-05T13:22:24.342Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira Data Center v.10.3.0 and before allows an attacker to view arbitrary files and cause other impacts via use of crafted image during PDF export."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-07T21:50:02.539Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions\u0026hosting=server"
            },
            {
              "url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions\u0026hosting=datacenter"
            },
            {
              "url": "https://gccybermonks.com/posts/pdfjira/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-42361",
        "datePublished": "2023-11-07T00:00:00.000Z",
        "dateReserved": "2023-09-08T00:00:00.000Z",
        "dateUpdated": "2024-09-05T13:22:24.342Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-36131 (GCVE-0-2022-36131)

    Vulnerability from cvelistv5 – Published: 2022-07-22 12:36 – Updated: 2024-08-03 10:00
    VLAI
    Summary
    The Better PDF Exporter add-on 10.0.0 for Atlassian Jira is prone to stored XSS via a crafted description to the PDF Templates overview page.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T10:00:01.369Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=overview\u0026hosting=server"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-038.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Better PDF Exporter add-on 10.0.0 for Atlassian Jira is prone to stored XSS via a crafted description to the PDF Templates overview page."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-07-22T12:36:36.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=overview\u0026hosting=server"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-038.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2022-36131",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Better PDF Exporter add-on 10.0.0 for Atlassian Jira is prone to stored XSS via a crafted description to the PDF Templates overview page."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=overview\u0026hosting=server",
                  "refsource": "MISC",
                  "url": "https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=overview\u0026hosting=server"
                },
                {
                  "name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-038.txt",
                  "refsource": "MISC",
                  "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-038.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2022-36131",
        "datePublished": "2022-07-22T12:36:36.000Z",
        "dateReserved": "2022-07-18T00:00:00.000Z",
        "dateUpdated": "2024-08-03T10:00:01.369Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }