No I know it's on par I guess better rephrasing would be the par is still too low

Compared to what? What's your baseline for how much a user-interaction-required XSS vulnerability should be worth?

	▲	sans_souse 3 days ago \| parent [-]
		I'm not basing it on math. Are you saying tho that 2.5k wouldhave been adequate in 2019? I expect 5k would have been on par then too. But idk