The (1) UpdateRequestHandler for XSLT or (2) XPathEntityProcessor in Apache
Solr before 4.1 allows remote attackers to have an unspecified impact via
XML data containing an external entity declaration in conjunction with an
entity reference, related to an XML External Entity (XXE) issue, different
vectors than CVE-2013-6407.