Investigate updating XXE injection vulnerability to allow practical blind exploitation

Reminder to myself - look at other XML parsing libraries in Python to see if using something other than lxml will allow more practical/realistic blind exploitation of the vulnerability.