Trivial | very minor issues |
Low | XSS, info leaks |
Medium | destructive actions, access others' accounts |
High | local root (auth required), /root/.accesshash, /etc/shadow access |
Less Critical | local root (no auth required) |
Critical | remote root (no auth required) |
L/R | Local/Remote |
Auth | Authentication required |
S | Bug found via source code review |