CVSS is a formula used by legends that provides risk severity for discovered vulnerabilities. It's an objective representation of the risk that prevents idiots from arguing with you.
There are 3 sections to the CVSS:
- Base Score: This section is where the severity of the vulnerability is determined and is only section that actually matters
- Temporal Score: This section provides additional information to other people, who are responsible for security, but don't know how to use Google.
- Environment Score: This section is for idiots who are not responsible for security, but want to feel included, to tell the rest of us how precious and sensitive their app is.