CVSS Calculator
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:NOverrides VRT in exports when set — useful for HackerOne or custom program tiers.
Advanced (Temporal & Environmental)
Temporal and environmental metrics are available in CVSS 3.1 spec but rarely used in bug bounty submissions. Base score above is what triagers typically evaluate.
Finding Details
Affected Component
Proof of Concept / Evidence
Paste HTTP requests, payloads, or attach screenshots. Code blocks are preserved in output — wrap multi-line content in ``` fences or paste raw requests (auto-wrapped as ```http).
Supports `inline code` and ```code blocks``` — formatting is preserved in preview and export.
Describe what an attacker achieves(e.g. "take over any user's account"), not just what happens technically (e.g. "JavaScript executes").
Use demonstrated language ("An attacker can…") rather than theoretical ("might/could").
Steps to Reproduce
References
Live Preview
Untitled Finding
Severity: Medium (CVSS 6.5)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Steps to Reproduce
_No reproduction steps provided._