diff --git a/reference/dom/domdocument.xml b/reference/dom/domdocument.xml
index 38a0e74ba1..1f88ecee63 100644
--- a/reference/dom/domdocument.xml
+++ b/reference/dom/domdocument.xml
@@ -283,6 +283,11 @@
entities. This attribute is not part of
the DOM specification and is specific to libxml.
+
+
+ Enabling entity substitution may facilitate XML External Entity (XXE) attacks.
+
+
diff --git a/reference/libxml/constants.xml b/reference/libxml/constants.xml
index 527b151451..5ad810869a 100644
--- a/reference/libxml/constants.xml
+++ b/reference/libxml/constants.xml
@@ -154,6 +154,11 @@
Substitute entities
+
+
+ Enabling entity substitution may facilitate XML External Entity (XXE) attacks.
+
+
diff --git a/reference/libxml/functions/libxml-disable-entity-loader.xml b/reference/libxml/functions/libxml-disable-entity-loader.xml
index fec188f96e..f64a54b1a0 100644
--- a/reference/libxml/functions/libxml-disable-entity-loader.xml
+++ b/reference/libxml/functions/libxml-disable-entity-loader.xml
@@ -15,6 +15,10 @@
Disable/enable the ability to load external entities.
+ Note that disabling the loading of external entities may cause general issues
+ with loading XML documents. However, as of libxml 2.9.0 entity substitution
+ is disabled by default, so there is no need to disable the loading of external
+ entities.
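Review bot: The closing clause of the added paragraph, "so there is no need to disable the loading of external entities", leaves out the condition it depends on: the libxml 2.9.0 default only protects callers that keep entity substitution off. Code that turns substitution on opts back in, and when it parses untrusted XML it still needs a control on what may be loaded. The other two hunks add an XXE warning to exactly those switches, which appear to be `LIBXML_NOENT` and the DOMDocument substitute-entities attribute. I would end the sentence with `, unless entity substitution is explicitly enabled (for example with LIBXML_NOENT)` and mention `libxml_set_external_entity_loader()` as the way to restrict loading in that case. It would also help to say that the default comes from the libxml version PHP is linked against, so builds against an older libxml do not get it.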