Kayran has detected that the version of Bootstrap being used is vulnerable to Cross-site scripting (XSS).
Cross-site scripting (XSS) is possible in the data-target property of scrollspy. Also known as CVE-2018-14041.
This will allow the attacker to add and modify the data.
CVSS Version 3.x – 6.1 Medium
To deal with CVE-2018-14041, update the version of the Bootstrap being used.
Make sure its version is 4.1.2 or higher.