o Updated to remove '<!--' and '-->' from XML comments to guard against XML

  XML injection issues.

Fixes #3

Author: ChristianSchulte

src/main/java/org/codehaus/plexus/util/xml/XmlWriterUtil.java

@@ -186,6 +186,16 @@ public static void writeComment( XMLWriter writer, String comment, int indent, i
             comment = "null";
         }
 
+        while ( comment.contains( "<!--" ) )
+        {
+            comment = comment.replace( "<!--", "" );
+        }
+
+        while ( comment.contains( "-->" ) )
+        {
+            comment = comment.replace( "-->", "" );
+        }
+
         if ( indent < 0 )
         {
             indent = 0;