ZAP is Out of Date

ID: zap_is_out_of_date

Severity: high

Kind: Fingerprinting

CWE: 1104

Description

The version of ZAP you are using to test your app is out of date and is no longer being updated. The risk level is set based on how out of date your ZAP version is.

Rationale

Using an outdated version of ZAP means your security scans are missing detection capabilities for newly discovered vulnerabilities, lack updated attack patterns, and may produce false negatives that give a false sense of security. As new attack techniques emerge and web technologies evolve, older scanner versions become progressively less effective at identifying modern vulnerabilities. This creates a dangerous gap where critical security flaws in your application remain undetected, leaving you vulnerable to exploitation by attackers using current techniques that your scanner cannot recognize.

Remediation

Download the latest version of ZAP from https://www.zaproxy.org/download/ and install it.
