Headline
CVE-2023-3431: Local file read through %load_json in plantuml
Improper Access Control in GitHub repository plantuml/plantuml prior to 1.2023.9.
Description
When ALLOW_PLANTUML_INCLUDE is set to false (the default setting) in the online server, !include processing is disabled, which prevents local files from being read. However, other features such as %load_json can still access local files.
Since many people run plantuml-server in its default configuration, it might be better to block all local file reading by default, or to make %load_json access subject to the ALLOW_PLANTUML_INCLUDE switch as well.
Proof of Concept
docker run -d -p 8080:8080 plantuml/plantuml-server:jetty
Inside the container, write a JSON file at /var/lib/jetty/test.json, then render the following diagram:
@startuml
Bob -> Alice : %load_json("/var/lib/jetty/test.json")
@enduml
We can also confirm whether a file exists on the system: if the file exists, the result is either valid JSON or a JSON parse error (when the file is not a JSON file); otherwise the result is simply {}. This lets attackers learn more about the system.
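A defender-side pre-filter for a plantuml-server front end, added here as an illustration and not code from the plantuml project: it flags diagrams that pass a local filesystem path to %load_json (or to an !include directive) and rejects them when the operator runs with ALLOW_PLANTUML_INCLUDE disabled, closing the gap that both the description above and the file-existence oracle rely on. The regular expressions, the Finding class, the should_reject function and the sample diagrams are assumptions constructed for this example; the path /var/lib/jetty/test.json is the one from the proof of concept.

```python
import re
from dataclasses import dataclass
from typing import List

# Hypothetical gateway check (added example, not plantuml's own code).
# Rationale from the advisory: with ALLOW_PLANTUML_INCLUDE=false the server
# disables !include, but %load_json can still read local files, so a front
# door can reject any diagram that hands %load_json a non-URL argument.

# %load_json("..."): capture the quoted argument (single or double quotes).
LOAD_JSON_RE = re.compile(r'%load_json\s*\(\s*(["\'])(?P<arg>.*?)\1', re.IGNORECASE)
# !include / !includesub / !includeurl ... <argument> at the start of a line.
INCLUDE_RE = re.compile(r'^\s*!include\w*\s+(?P<arg>\S+)', re.IGNORECASE | re.MULTILINE)
# Anything with a URL scheme (http://, https://, ...) is treated as remote.
URL_RE = re.compile(r'^[a-z][a-z0-9+.-]*://', re.IGNORECASE)


@dataclass(frozen=True)
class Finding:
    directive: str   # "%load_json" or "!include"
    argument: str    # the raw path or URL passed to the directive
    line: int        # 1-based line number inside the diagram source


def is_local_path(arg: str) -> bool:
    """True when the argument has no URL scheme, i.e. it names a filesystem path."""
    return not URL_RE.match(arg.strip())


def _line_of(source: str, offset: int) -> int:
    return source.count("\n", 0, offset) + 1


def find_local_file_access(source: str) -> List[Finding]:
    """Return every %load_json / !include whose argument is a local path."""
    findings: List[Finding] = []
    for m in LOAD_JSON_RE.finditer(source):
        if is_local_path(m.group("arg")):
            findings.append(Finding("%load_json", m.group("arg"), _line_of(source, m.start())))
    for m in INCLUDE_RE.finditer(source):
        if is_local_path(m.group("arg")):
            findings.append(Finding("!include", m.group("arg"), _line_of(source, m.start())))
    return sorted(findings, key=lambda f: f.line)


def should_reject(source: str, allow_include: bool) -> List[Finding]:
    """Findings that justify rejecting the diagram before it reaches the renderer.

    allow_include mirrors ALLOW_PLANTUML_INCLUDE: when the operator has enabled
    local includes, local reads are a deliberate choice and nothing is flagged;
    when it is False (the server default named in the advisory) any local path
    in %load_json or !include is reported so the request can be refused.
    """
    if allow_include:
        return []
    return find_local_file_access(source)


# Constructed sample diagrams for demonstration.
POC_DIAGRAM = (
    "@startuml\n"
    'Bob -> Alice : %load_json("/var/lib/jetty/test.json")\n'
    "@enduml\n"
)
REMOTE_DIAGRAM = (
    "@startuml\n"
    '$data = %load_json("https://example.invalid/data.json")\n'
    "@enduml\n"
)
BENIGN_DIAGRAM = "@startuml\nAlice -> Bob : hello\n@enduml\n"

if __name__ == "__main__":
    for name, src in [("poc", POC_DIAGRAM), ("remote", REMOTE_DIAGRAM), ("benign", BENIGN_DIAGRAM)]:
        verdict = should_reject(src, allow_include=False)
        print(name, "REJECT" if verdict else "allow", [(f.directive, f.argument, f.line) for f in verdict])
```

The URL-versus-path test is deliberately coarse: the filter only needs to decide whether an argument could reach the local filesystem, and any argument without a scheme is treated as a path, so Windows drive paths and relative names are rejected along with absolute ones.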
Impact
Read local JSON files, and confirm the existence of files on the server.