libxml-security-java: implementation of security standards for XML Apache XML Security for Java could be tricked into validating spoofed signatures.