Summary
CSP report-uri declaration is used to report CSP violations. Acunetix 360 detected that the report-uri uses an HTTP URL to report these violations.
Impact
Violation might include private data which will be exposed through clear text (HTTP) channels. Clear text communication is susceptible to MITM (Man-in-the-middle) attacks.
Remediation
Use HTTPS in report-uri declaration.