python3-saml is vulnerable to external XML entity (XXE) attacks. These attacks are possible through the abuse of XML.