Example
https://github.com/juliocesarfort/public-pentesting-reports
Structure
Risk
The existing issue the report is based off
Proof Of Concept (PoC)
A short demo of an exploit of this risk
Impact
An impact assessment of the risk
Exposures
The currently exposed systems
Remediation
The steps to take to remediate