iVANTI-CVE-2021-38560 Ivanti Service Manager 20211 infected with reflected XSS via the appName parameter associated with ConfigDB calls, such as in RelocateAttachmentsaspx Vulnerability Type: Cross Site Scripting (XSS) Vendor of Product: IVANTI Affected Product Versions: Service Manager - (=<20213) Payload: localhost/HEAT/maintenance/RelocateAttachmentsas