CVE-2020-9056
Periscope BuySpeed 14.5 is vulnerable to stored cross-site scripting (XSS) due to unsanitized client-side data. A local, authenticated attacker can store arbitrary JavaScript within BuySpeed, which is then executed in the browser of other users, potentially enabling website redirection, session h...