diff --git a/engine/src/main/java/com/agiletec/aps/system/services/pagemodel/PageModelDOM.java b/engine/src/main/java/com/agiletec/aps/system/services/pagemodel/PageModelDOM.java
index 75c661f35..66835e1fe 100644
--- a/engine/src/main/java/com/agiletec/aps/system/services/pagemodel/PageModelDOM.java
+++ b/engine/src/main/java/com/agiletec/aps/system/services/pagemodel/PageModelDOM.java
@@ -109,6 +109,10 @@ private Element buildSketchXML(Frame frame) {
 	private void decodeDOM(String xmlText) throws EntException {
 		SAXBuilder builder = new SAXBuilder();
 		builder.setValidation(false);
+		builder.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
+		builder.setFeature("http://xml.org/sax/features/external-general-entities", false);
+		builder.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
+		builder.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
 		StringReader reader = new StringReader(xmlText);
 		try {
 			_doc = builder.build(reader);