Improper Restriction of XML External Entity Reference
Processing Foundation Processing version contains an XML External Entity (XXE) vulnerability in the loadXML(). An attacker can read arbitrary files and read their contents via HTTP requests.
Advisories for Maven/Org.processing/Processing-Complete package
2018