Apache jUDDI is vulnerable to XML External Entity expansion (XXE) attacks. The application does not disable Document Type Definition
resolutions, allowing attackers to access sensitive information or conduct XXE attacks that can lead to a denial of service.