Web & Mobile
This is a vulnerability classification table for web & mobile applications (v2.0)
Last updated
This is a vulnerability classification table for web & mobile applications (v2.0)
Last updated
We use the to assess the severity of your vulnerability.
Payments manipulation
SQLi
Remote code execution (RCE)
Business logic issues that can cause a loss of user funds/assets
Command Injection
Subdomain takeover (on linked to wallets domain)
Stored XSS
Server-Side Request Forgery (SSRF)
Leakage of sensitive user information (greater than 15%)
File Inclusion
Reflected XSS
Subdomain takeover
2FA Bypass
Leakage of sensitive user information (3% -15%)
Cross-Site Request Forgery (CSRF)
HTML injection
No Rate Limiting on Form
Content Spoofing
Broken Link Hijacking