Closed borisrizov-zf closed 8 months ago
The acceptable solution to this is to update the DAST scan file, remove lines 123-127, and add the `retention-days: 1` option to the report. This has been approved by sec as a solution.
Closed by #256
Summary
Security scans shouldn't post reports which contain High and Medium findings for the open public as it would present a security issue.
Solution
Edit the reports to show only non-critical errors and create reports in the security tab.
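One way the two parts of this fix could fit together in a GitHub Actions workflow, added here as an illustration and not taken from the repository or from #256: the full findings go to the Security tab as SARIF, and only a filtered copy is kept as a short-lived artifact. The workflow, job, script and file names are hypothetical, and the scanner is assumed to emit SARIF with High/Medium findings at level `error`/`warning`.

```yaml
# Added example, not the project's workflow. Names and paths are hypothetical.
name: dast-scan
on:
  schedule:
    - cron: "0 3 * * 1"

permissions:
  contents: read

jobs:
  dast:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      security-events: write   # needed to upload SARIF to code scanning
    steps:
      - uses: actions/checkout@v4

      # Placeholder for the project's scanner; assumed to write dast-report.sarif
      - name: Run DAST scan
        run: ./scripts/run-dast.sh --output dast-report.sarif

      # Full findings (including High and Medium) go to the Security tab
      - name: Upload full report to code scanning
        if: always()
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: dast-report.sarif
          category: dast

      # Keep only results explicitly marked note/none. Results with no level
      # (SARIF treats those as warning) are dropped too, which fails safe.
      - name: Build filtered report
        if: always()
        run: |
          jq '.runs[].results |= map(select(.level == "note" or .level == "none"))' \
            dast-report.sarif > dast-report-public.sarif

      # Only the filtered copy becomes a downloadable artifact, kept for one day
      - name: Upload filtered report
        if: always()
        uses: actions/upload-artifact@v4
        with:
          name: dast-report-public
          path: dast-report-public.sarif
          retention-days: 1
```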