JennaySDavis
commented
5 months ago During a security meeting on June 9, 2024, it was confirmed that the URLs flagged were already loaded. (https://hstspreload.org/) Dan did an additional verification after the meeting and confirmed. Dan created a GSA generic request ticket for this false positive.
This issue has been resolved and is no longer listed on the June Vulnerability Scan.
https://drive.google.com/drive/folders/1BHO0cG7YaMluNvYFI2oJFtElKmlNIzjB Report Name: Production - https:/smartpay-889-prod.app.cloud.gov/ - January 2024