IDORSSRFAUTH BYPASSJWT FORGERYRACE CONDITIONXXEBROKEN OBJECT-LEVEL AUTHPRIVILEGE ESCALATIONMASS ASSIGNMENTGRAPHQL INTROSPECTION ABUSEIDORSSRFAUTH BYPASSJWT FORGERYRACE CONDITIONXXEBROKEN OBJECT-LEVEL AUTHPRIVILEGE ESCALATIONMASS ASSIGNMENTGRAPHQL INTROSPECTION ABUSE
Impactr Logoimpactr
FeaturesHow it worksEvidencePricingLearnCompare
  1. Home
  2. Glossary
  3. CVSS

Frameworks & standards

CVSS

Common Vulnerability Scoring System

The Common Vulnerability Scoring System (CVSS) provides a standardized way to rate vulnerability severity on a 0-10 scale using metrics for exploitability and impact. CVSS communicates severity consistently, but a score is not the same as real-world risk - context and exploitability, which offensive testing establishes, determine actual priority.

Key points

  • 0-10 severity scale from exploitability and impact metrics.
  • Standardizes communication of severity.
  • Not a substitute for proven, contextual risk.

Related

CVEVulnerability Assessment

References

  • CVSS (FIRST)

Impactr is an autonomous AI penetration testing platform - it investigates, chains, and proves web and API vulnerabilities with reproducible evidence.

Join the waitlist
← All terms
Impactr Logoimpactr

Built by hackers, for the code you ship. Autonomous AI penetration testing for modern web apps and APIs.

© 2026 Impactr

Product

FeaturesCoverageUse casesEvidencePricingWaitlist

Resources

VulnerabilitiesGuidesComparisonsGlossaryCWE databaseBy industryBy languageHTTP status codesSecurity headers

Company

ContactTwitterLinkedInGitHub