Company
Date Published
Author
Bugcrowd
Word count
715
Language
English
Hacker News points
None

Summary

The Vulnerability Rating Taxonomy (VRT) has been updated to version 1.9, with new entries for commonly submitted reports such as SSTI and Impersonation via Broken Link Hijacking, as well as a revamped Sensitive Data Exposure subcategory with more granular severity baselines. The VRT also includes suggested remediation steps for vulnerabilities of this type. Additionally, the update adds dedicated entries for Flash-based CSRF issues, which will range from P5 to P4. The VRT is a living document, continually updated through contributions from the broader security community, and is designed to provide a baseline priority rating system for vulnerabilities reported within the Crowdcontrol platform.