Whitepaper explaining the consequences of XML eXternal Entity injection and basic to advanced exploitation.
You can download it from the following link: https://packetstormsecurity.com/files/download/149328/xml-external-entity-injection—explanation-and-exploitation.pdf
Source: https://packetstormsecurity.com/files/149328/XXE-Explanation-And-Exploitation.html