CVE-2017-1000477

XMLBundle version 0.1.7 is vulnerable to XXE attacks which can result in denial of service attacks.