[java-sig-commits] [Bug 1520471] New: CVE-2017-14949 restlet: XXE vulnerability in XML extension allows remote attackers to access arbitrary files via a crafted REST API HTTP request