Description
In the class TaglibFactory, it provides the static method "parseXml" to parse the inputstream, but it does not set security head,for example as below:
xmlReader.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
xmlReader.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
xmlReader.setFeature("http://xml.org/sax/features/external-general-entities", false);
and then it may be attacked by XXE. So i think freemarker can add the above content first and parse the xml on next step, it will be better. Thanks