diff --git a/src/iTextSharp.LGPLv2.Core/iTextSharp/text/pdf/XfaForm.cs b/src/iTextSharp.LGPLv2.Core/iTextSharp/text/pdf/XfaForm.cs
index 622f093a..b2e6940c 100644
--- a/src/iTextSharp.LGPLv2.Core/iTextSharp/text/pdf/XfaForm.cs
+++ b/src/iTextSharp.LGPLv2.Core/iTextSharp/text/pdf/XfaForm.cs
@@ -67,7 +67,7 @@ public XfaForm(PdfReader reader)
 }
 bout.Seek(offset: 0, SeekOrigin.Begin);
- using var xtr = XmlReader.Create(bout);
+ using var xtr = XmlReader.Create(bout, xml.ParserBase.SecureXmlReaderSettings);
 _domDocument = new XmlDocument();
 _domDocument.PreserveWhitespace = true;
 _domDocument.Load(xtr);
diff --git a/src/iTextSharp.LGPLv2.Core/iTextSharp/text/xml/ParserBase.cs b/src/iTextSharp.LGPLv2.Core/iTextSharp/text/xml/ParserBase.cs
index a09bb83b..e81ef255 100644
--- a/src/iTextSharp.LGPLv2.Core/iTextSharp/text/xml/ParserBase.cs
+++ b/src/iTextSharp.LGPLv2.Core/iTextSharp/text/xml/ParserBase.cs
@@ -8,6 +8,16 @@ namespace iTextSharp.text.xml;
 ///
 public abstract class ParserBase
 {
+ ///
+ /// Secure XML reader settings that prevent XXE attacks (CVE-2017-9096)
+ /// by disabling DTD processing and external entity resolution.
+ ///
+ public static readonly XmlReaderSettings SecureXmlReaderSettings = new XmlReaderSettings
+ {
+ DtdProcessing = DtdProcessing.Prohibit,
+ XmlResolver = null
+ };
+
 ///
 /// This method gets called when characters are encountered.
 ///
@@ -34,7 +44,7 @@ public void Parse(XmlDocument xDoc)
 var xml = xDoc.OuterXml;
 var stringReader = new StringReader(xml);
- var reader = XmlReader.Create(stringReader);
+ var reader = XmlReader.Create(stringReader, SecureXmlReaderSettings);
 Parse(reader);
 }
@@ -116,7 +126,7 @@ public void Parse(XmlReader reader)
 public void Parse(string url)
 {
 var stringReader = new StringReader(File.ReadAllText(url));
- var reader = XmlReader.Create(stringReader);
+ var reader = XmlReader.Create(stringReader, SecureXmlReaderSettings);
 Parse(reader);
 }
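Review bot: The added line in XfaForm reaches the settings through the relative qualification `xml.ParserBase.SecureXmlReaderSettings`, while the XmpReader hunk in this same commit writes `ParserBase.SecureXmlReaderSettings`; the two call sites should use the same spelling. The relative form presumably resolves only because XfaForm sits under the enclosing `iTextSharp.text` namespace, which is fragile if the file is ever moved. Prefer a `using iTextSharp.text.xml;` directive and `using var xtr = XmlReader.Create(bout, ParserBase.SecureXmlReaderSettings);` here. The XfaForm constructor starts and continues outside this hunk.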
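Review bot: `SecureXmlReaderSettings` in the first ParserBase hunk is a `public static readonly` field of the mutable `XmlReaderSettings` type, so `readonly` only pins the reference: any code in the process can write `ParserBase.SecureXmlReaderSettings.DtdProcessing = DtdProcessing.Parse` or assign a resolver and silently weaken every XFA, XMP and ParserBase parse that follows. Keep the instance private and hand out copies, e.g. `private static readonly XmlReaderSettings s_secureXmlReaderSettings = new() { DtdProcessing = DtdProcessing.Prohibit, XmlResolver = null };` and `public static XmlReaderSettings SecureXmlReaderSettings => s_secureXmlReaderSettings.Clone();`, which stays source-compatible with the three consuming hunks. `XmlReader.Create` copies the settings it receives, so sharing one instance across threads is otherwise fine. Note also that `DtdProcessing.Prohibit` is already the default for `XmlReaderSettings`, so the doc comment would be more accurate saying the object makes the prohibition explicit and pins `XmlResolver` to null, rather than implying the previous readers accepted DTDs.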
@@ -131,4 +141,4 @@ public abstract void StartElement(string uri, string lname, string name, INullValueDictionary attrs);
-}
\ No newline at end of file
+}
diff --git a/src/iTextSharp.LGPLv2.Core/iTextSharp/text/xml/xmp/XmpReader.cs b/src/iTextSharp.LGPLv2.Core/iTextSharp/text/xml/xmp/XmpReader.cs
index 3bff8669..62562863 100644
--- a/src/iTextSharp.LGPLv2.Core/iTextSharp/text/xml/xmp/XmpReader.cs
+++ b/src/iTextSharp.LGPLv2.Core/iTextSharp/text/xml/xmp/XmpReader.cs
@@ -28,7 +28,7 @@ public XmpReader(byte[] bytes)
 using var bout = new MemoryStream();
 bout.Write(bytes, 0, bytes.Length);
 bout.Seek(0, SeekOrigin.Begin);
- using var xtr = XmlReader.Create(bout);
+ using var xtr = XmlReader.Create(bout, ParserBase.SecureXmlReaderSettings);
 _domDocument = new XmlDocument();
 _domDocument.PreserveWhitespace = true;
 _domDocument.Load(xtr);