Comodo · Itop · CVE-2021-32664
**Name of the Vulnerable Software and Affected Versions**
Combodo iTop versions prior to 2.6.5
Combodo iTop versions prior to 2.7.5
**Description**
The issue is related to a XSS vulnerability on the "run query" page when logged in as an administrator. This vulnerability has been resolved in versions 2.6.5 and 2.7.5.
**Recommendations**
For versions prior to 2.6.5, update to version 2.6.5 or later.
For versions prior to 2.7.5, update to version 2.7.5 or later.