Security/DraftDREAD

Damage Potential
0 = Browser crash, no info leak
1 = Some info leaked but not PII
3 = Information leaked including PII
5 = Browser control compromised or OS damage
Reproducibility
0 = Requires a special case or a non-default configuration that the user must manually change
1 = Requires that a user change the default configuration
3 = Works a majority of the time and/or requires some user interaction
5 = Works every time and/or requires little to no user interaction
Exploitability
0 = Requires special tools or malicious add-on with significant user action
1 = Uses a built-in feature that may not be a part of the user's normal actions (i.e. devtools)
3 = Some user interaction required (beyond browsing to malicious content)
5 = No user interaction required (beyond browsing)
Affected Users
1 = Single Minority Platform
3 = Multiple Minority Platforms
5 = All Platforms or majority platform
Discoverability
0 = Would be difficult to discover without special knowledge and tools even for developers familiar with the code
1 = Reported internally with tools and knowledge unlikely to be publicly reproduced
3 = Reported by an outside party or with tools and knowledge that are likely to be publicly reproduced
5 = Exploit code is publicly available