Below are the 2 failed check in Magento Security scan report how to fix it
Note: 1. i have installed Magento in /var/www/html
2. my current version of Magento is 2.4.1
1.FAIL
Vulnerability
Magento /pub/
Your Web server is configured to run Magento from %MAGENTO_ROOT% directory.It is recommended to set %MAGENTO_ROOT%/pub as a Web server root directory.
Follow Security Best Practices.
2. FAIL
Patch
XS Vulnerability
XS Vulnerability - Failed.XSS Patch not detected (APPSEC-1716)
Apply the Magento 2.2.5/2.1.14 Security Update immediately.
Review your site for signs of compromise. Find more information about Security Best Practices.