Information Info Vega has detected that the resource has specified an insecure Flash cross-domain site-control policy. The crossdomain.xml file has set the site-control permitted-cross-domain-policies attribute to "all". As a result, all cross-domain policy files on the domain are permitted and may override the master policy for specific resources, which can potentially lower cross-domain security settings. Assess the need for resource-specific cross-domain policies. If resource-specific policies are not absolutely required, configure a master policy file on the domain root path that specifies "master-only" as the value for the site-control permitted-cross-domain-policies attribute. This will enforce a single policy for the entire domain. Adobe Flash Player security - Website controls (policy files)