Invicti detected that wildcard was used in scheme portion of a CSP directive.
Wildcard cannot be used in schema. If you use wildcard in schema, it will be ignored by the browsers.
Remove the wildcard from schema.
You can search and find all vulnerabilities
Dead accurate, fast & easy-to-use Web Application Security Scanner
Invicti Security Corp 220 Industrial Blvd Ste 102 Austin, TX 78745
© Invicti 2022