Security Testing
CVSS
The Common Vulnerability Scoring System (CVSS) is a standardized framework for rating the severity of security vulnerabilities on a scale of 0–10. Scores consider factors like attack complexity, required privileges, user interaction, and impact on confidentiality, integrity, and availability. A CVSS score of 9.0+ is Critical, 7.0–8.9 is High, 4.0–6.9 is Medium, and below 4.0 is Low. Security teams use CVSS scores to prioritize patching and remediation efforts.
Why it matters for your website
- Helps identify vulnerabilities before attackers do
- Required by PCI-DSS, SOC 2, and most enterprise security programs
- Regular testing reduces mean time to detect (MTTD) breaches