# Exploit Title: AneCMS 1.3 Persistant XSS# Date: 17.1.2011# Author: Penguin# Visit: www.null-sector.info# Software Link: http://anecms.com/anecms.zip# Version: 1.3# Tested on: Linux(I) Vulnerability
----------------------
You can add blogpost comments that does not get filtered for HTML-Code.
Simply add an Comment withfor example the Content <script>alert(1337);</script>
Your <script> code will get executed by every visitor who reads the comments!
(II) Bug Fix
----------------------
There's no Bugfix :)
