CVE-2023-42361

HIGH Year: 2023
CVSS v3 Score
7.8
High
Weakness Type
CWE-918
View all →

Vulnerability Description

Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira Data Center v.10.3.0 and before allows an attacker to view arbitrary files and cause other impacts via use of crafted image during PDF export.

Related Vulnerabilities

CVE-2022-3841

HIGH
CVSS:7.8(High)

RHACM: unauthenticated SSRF in console API endpoint. A Server-Side Request Forgery (SSRF) vulnerability was found in the console API endpoint from Red Hat Advanced Cluster Management for Kubernetes (R...

CWE-9182022

CVE-2016-4374

HIGH
CVSS:7.7(High)

HPE Release Control (RC) 9.13, 9.20, and 9.21 before 9.21.0005 p4 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and consequently obtain sensitive information...

CWE-9182016

CVE-2017-7566

HIGH
CVSS:7.7(High)

MyBB before 1.8.11 allows remote attackers to bypass an SSRF protection mechanism.

CWE-9182017

CVE-2018-19571

HIGH
CVSS:7.7(High)

GitLab CE/EE, versions 8.18 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an SSRF vulnerability in webhooks.

CWE-9182018

CVE-2019-15033

HIGH
CVSS:7.7(High)

Pydio 6.0.8 allows Authenticated SSRF during a Remote Link Feature download. An attacker can specify an intranet address in the file parameter to index.php, when sending a file to a remote server, as ...

CWE-9182019

CVE-2019-6257

HIGH
CVSS:7.7(High)

A Server Side Request Forgery (SSRF) vulnerability in elFinder before 2.1.46 could allow a malicious user to access the content of internal network resources. This occurs in get_remote_contents() in p...

CWE-9182019