Apache Solr is vulnerable to XML External Entity (XXE) attacks. The library uses an insecure DocumentBuilderFactory class is to parse the currency.xml
and enumsConfig.xml
files. This can allow a malicious user with access to these files to conduct an XXE attack to reveal sensitive information.