Replace xml.dom with defusedxml

[vinitkumar]

Describe the bug
A clear and concise description of what the bug is.
[Security]

Scanned the package at (Snyk)[https://app.snyk.io/org/vinitkumar/project/39009c4a-8759-4a97-a0c3-dbe224fe99úú]. Seems like
replacing xml.dom usage with defusedxml is an easy and API compatible approach which we can
use to prevent a vector of attacks

xml.dom.minidom.parseString is considered insecure. Use an analog from the defusedxml package.