diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index c9c3142..17452f2 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -1,7 +1,10 @@
+v1.16.6 (June 2023)
+* COT-775: [PHP] Investigate XXE vulnerability in PHP library
+
 v1.16.5second (June 2019)
 * add missing cacert.pem file
 * COT-287: [PHP] eMandates library cannot parse maxAmount field
 * COT-310: [PHP] Remove vulnerability in PHP eMandates Library
 
 v1.16.4 (June 2018)
-* Add composer declaration
\ No newline at end of file
+* Add composer declaration
diff --git a/Library/CoreCommunicator.php b/Library/CoreCommunicator.php
index 6a62994..80bdeba 100644
--- a/Library/CoreCommunicator.php
+++ b/Library/CoreCommunicator.php
@@ -309,7 +309,7 @@ protected function PerformRequest($docTree, $url) {
 } else {
 curl_close($ch);
- $doc = @simplexml_load_string($data, 'SimpleXMLElement', LIBXML_NOENT);
+ $doc = @simplexml_load_string($data);
 if (!$doc) {
 $this->logger->Log("Raw Response : " . $data);
 throw new CommunicatorException($data);
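Review bot: The new call `simplexml_load_string($data)` in PerformRequest relies on libxml's defaults to keep external entities unresolved, which holds on libxml2 2.9.0 and later but not on older builds, and nothing in the hunk pins that assumption. Since `$data` appears to be the raw HTTP response body, I would state the intent explicitly with `$doc = simplexml_load_string($data, 'SimpleXMLElement', LIBXML_NONET);` and, if the protocol's responses never carry a DTD (worth confirming), reject any body containing `<!DOCTYPE` before parsing. The `@` on the call also hides the libxml diagnostics that would explain a rejected response; `libxml_use_internal_errors(true)` plus logging `libxml_get_errors()` keeps them available. Separately, `if (!$doc)` on the following context line treats a well-formed but empty root element as a failure, because such a SimpleXMLElement is falsy; `if ($doc === false)` is the precise check. PerformRequest starts and ends outside the hunk.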