GSA / smartpay-training

Prototype for new GSA SmartPay training quizzes

HTTP Strict Transport Security (HSTS) Policy Not Enabled training.smartpay #485

Open JennaySDavis opened 5 months ago

JennaySDavis commented 5 months ago

Report Name: Production - https://training.smartpay.gsa.gov/ - January 2024

https://drive.google.com/drive/folders/1BHO0cG7YaMluNvYFI2oJFtElKmlNIzjB

JennaySDavis commented 1 week ago

During a security meeting on June 9, 2024, it was confirmed that the URLs flagged were already loaded (https://hstspreload.org/). Dan did an additional verification after the meeting and confirmed. Dan created a GSA generic request ticket for this false positive.

This issue has been resolved and is no longer listed on the June Vulnerability Scan.