Refused to load the stylesheet 'https://fonts.googleapis.com/css?family=Noto+Sans' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
Refused to frame 'https://cabi-domain.com/' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'frame-src' was not explicitly set, so 'default-src' is used as a fallback.
Component: UIM - CABI
On the UMP server add the following to the <head> section of the following file:
C:\Program Files (x86)\Nimsoft\probes\service\wasp\webapps\cabi\includes\header.jsp
// Summary: Content Security Policy informs the client about the sources from which the application expects to load
// Info: https://www.owasp.org/index.php/Content_Security_Policy
response.setHeader("Content-Security-Policy", "default-src 'self' https: 'unsafe-eval' 'unsafe-inline'; img-src 'self' https: data:;");
After which restart the wasp probe on the UMP server.