Researchers in Germany have developed an attack that enables them to decrypt supposedly private messages sent via XML. Their attack affects messages encrypted with any of the algorithms supported by the XML encryption standard, including DES and AES. XML is a standard format for exchanging messages among Web applications and it is implemented widely by companies all across the Web. The attack is based on a vulnerability in the cipher-block chaining mode used by some encryption algorithms. Researchers presented their research at the ACM Conference on Computers and Communications Security last week.
Source: https://threatpost.com/researchers-publish-new-attack-xml-encryption-102411/75792/