Researchers have recently proven that a vulnerability in XML Encryption provides a chance for attackers to gain access to sensitive information in API applications. XML Encryption is used in securing data shared between Web services by many businesses and web applications. Researchers from the Ruhr University of Bochum (RUB) in Germany have created an attack method that would expose data that was assumed to be secure using DES (Data Encryption Standard) or the AES (Advanced Encryption Standard) in CBC (cipher block chaining) mode.
SOURCE: 10/19/2011 - rub.de - https://aktuell.ruhr-uni-bochum.de/pm2011/pm00330.html.de