The vision 2021 of Bangladesh had to transform into a digital country, where the digital platform was a significant part of it. To make a digital platform, the Bangladesh government announced plans to build web applications in government, non-government, financial, educational and other sectors. By increasing the number of websites, the security risk is growing because of vulnerable coding practices. If those security risks are not fixed, attackers could exploit these vulnerabilities and perform various malpractices like data breaches, injected spam content, spreading viruses, malicious redirects, Denial-of-service, or even website defacements. This paper focuses on vulnerability assessment on Bangladeshi government and financial websites to show the security posture of these sites. This study scanned and analyzed four types of risk alerts High, Medium, Low and Informational using Acunetix and ZAP tools. In addition, the selected top five vulnerabilities are CJ, MC, CSRF, ID and XSS in terms of single vulnerability-type detected for targeted websites. The report has described representing the security condition of Bangladesh official websites. Also, it provided mitigation techniques for these vulnerabilities to avoid security risk, which is less discussed in this country.