Please could you help fix the below mentioned security violations on https://localhost:443..
We might have to fix it from the source.
Cross-site scripting (reflected) => The value of the chartId request parameter is copied into the HTML document as plain text between tags. The payload d91e22f764 was submitted in the chartId parameter. This input was echoed unmodified in the application's response.
Cross-domain script include
Frameable response (potential Clickjacking)
/acceleratorservices/hop-mock /monitoring/database /platform/dryrun/execute /poll /static/js/modernizr-1.7.min.js
Credit card numbers disclosed
The following credit card number was disclosed in the response: 4111111111111111
Cacheable HTTPS response
Unless directed otherwise, browsers may store a local cached copy of content received from web servers. Some browsers, including Internet Explorer, cache content accessed via HTTPS.
HTML does not specify charset
If a web response states that it contains HTML content but does not specify a character set, then the browser may analyze the HTML and attempt to determine which character set it appears to be using.