The fix for XXE (BATIK-1018) seems to be incomplete.
External DTD resolution should also be disabled in order to avoid attacks like SSRF or port-scanning behind the firewall.
See attached file (ssrf.svg) for an example.
To fix it you could disable the external DTD resolution altogether, using the document factory configuration, i.e.
See also https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing for more information on XXE.
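
A sketch of what disabling external DTD resolution looks like at the parser level. This is an added example, not the snippet from the original report and not Batik's own code. It assumes a plain JAXP `DocumentBuilderFactory` backed by Xerces (the JDK default); the class name, the sample SVG and the `internal.example.invalid` host are constructed for illustration.

```java
import java.io.ByteArrayInputStream;
import java.io.StringReader;
import java.nio.charset.StandardCharsets;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.xml.sax.InputSource;

public class HardenedSvgParse {
    // Hypothetical helper: a factory that never fetches external DTDs or entities.
    static DocumentBuilderFactory hardenedFactory() throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        // Xerces-specific: skip the external subset named in <!DOCTYPE ... SYSTEM "...">.
        // Other parser implementations may reject this feature name.
        f.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        // Standard SAX features: no external general or parameter entities.
        f.setFeature("http://xml.org/sax/features/external-general-entities", false);
        f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        f.setXIncludeAware(false);
        f.setExpandEntityReferences(false);
        return f;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: the DOCTYPE points at a placeholder internal host.
        String svg = "<?xml version=\"1.0\"?>\n"
            + "<!DOCTYPE svg SYSTEM \"http://internal.example.invalid:8080/probe.dtd\">\n"
            + "<svg xmlns=\"http://www.w3.org/2000/svg\" width=\"10\" height=\"10\"/>";

        DocumentBuilder b = hardenedFactory().newDocumentBuilder();
        // Defence in depth: anything the parser still asks to resolve gets
        // empty content instead of a network fetch.
        b.setEntityResolver((publicId, systemId) -> {
            System.err.println("blocked external resource: " + systemId);
            return new InputSource(new StringReader(""));
        });

        Document d = b.parse(new ByteArrayInputStream(svg.getBytes(StandardCharsets.UTF_8)));
        System.out.println("parsed root: " + d.getDocumentElement().getLocalName());
    }
}
```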