A hacker discovered a XXE flaw in the EpubCheck library that affects major epub services causing information disclosure and denial of service conditions. The security expert and bug hunter Craig Arendt has discovered flaws in major eBook readers including the ones commercialized by Amazon, Apple, and Google. The library is used for the operations of format conversions into the universal Epub book format. Amazon KDP (Kindle Publishing Online Service), Apple Transporter (Book reader), Adobe Digital Editions (book reader), and Google Play Book uploads, etc. are all affected.”]
Source: http://securityaffairs.co/wordpress/55727/hacking/epub-services-flaws.html