Low severity3.9NVD Advisory· Published Apr 10, 2020· Updated Jun 17, 2026
CVE-2020-9056
CVE-2020-9056
Description
Periscope BuySpeed version 14.5 is vulnerable to stored cross-site scripting, which could allow a local, authenticated attacker to store arbitrary JavaScript within the application. This JavaScript is subsequently displayed by the application without sanitization and is executed in the browser of the user, which could possibly cause website redirection, session hijacking, or information disclosure. This vulnerability has been patched in BuySpeed version 15.3.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3<15.3+ 1 more
- (no CPE)range: <15.3
- (no CPE)range: 14.5
Patches
Vulnerability mechanics
References
2- kb.cert.org/vuls/id/660597/nvdThird Party AdvisoryUS Government Resource
- support.buyspeed.com/hc/en-us/articles/360035773831-Buyspeed-15-3-0-Release-NotesnvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.