Netsparker detected that wildcard was used in scheme portion of a CSP directive.
Wildcard cannot be used in schema. If you use wildcard in schema, it will be ignored by the browsers.
Remove the wildcard from schema.
You can search and find all vulnerabilities
Dead accurate, fast & easy-to-use Web Application Security Scanner