PT-2023-8658 · Atlassian · Jira

Rodrigo Gava · Published 2023-11-07 · Updated 2023-11-15 · CVE-2023-42361

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Better PDF Exporter for Jira Server and Jira Data Center, versions 10.3.0 and earlier

Description

The issue stems from insufficient server-side request validation in the Better PDF Exporter plugin for Atlassian Jira Server and Data Center. It can be exploited to view arbitrary files, potentially leading to other impacts. The vulnerability is exploited through a crafted image during PDF export.

Recommendations

For versions 10.3.0 and earlier, consider disabling the Better PDF Exporter plugin until a patch is available, to prevent exploitation. Restrict access to sensitive files and directories to minimize the risk of arbitrary file viewing.

Fix

SSRF

Weakness Enumeration

Related Identifiers

BDU:2024-01403
CVE-2023-42361

Affected Products

Jira