org.apache.any23:apache-any23-core is vulnerable to XML external entity (XXE) injection attacks. An attacker is able to view files and to interact with any back-end or external systems that the application itself can access due to the vulnerable RDFa XSLTStylesheet extractor
component.