NC 21.01 - Vulnerability

Dear All,
I am using Nextcloud, and the platform is as below:

NC- 21.01
Server- Ubuntu 20.04
Web server- NGINX

Now, during scanning, we are getting this finding:

Synopsis: The site uses some vulnerable javascript libraries.
Description: The site uses some vulnerable javascript libraries. Some vulnerabilities were reported for this particular version of the library.
Solution: Upgrade the library to higher (possibly the latest) version.
URL: Not available
Variant: The site uses some vulnerable javascript libraries.
Findings: The ‘bootstrap’ library at version 3.3.5 is vulnerable, details:

(medium) XSS in data-template, data-content and data-title properties of tooltip/popover, see: https://github.com/twbs/bootstrap/issues/28236

(medium) XSS in data-target property of scrollspy, see: https://github.com/twbs/bootstrap/issues/20184

(medium) XSS in collapse data-parent attribute, see: https://github.com/twbs/bootstrap/issues/20184

(medium) XSS in data-container property of tooltip, see: https://github.com/twbs/bootstrap/issues/20184

Can anyone please help me resolve this?

Thanks

For security issues, there is a guideline:

1 Like

If it is known stuff, you can perhaps check directly with the developers on github.com/nextcloud/server/issues, the first issue was already addressed here: Vulnerable JavaScript libraries · Issue #17959 · nextcloud/server · GitHub

1 Like
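
Since the finding above lists its URL as "Not available", a first step is to locate which file on disk carries the Bootstrap 3.3.5 banner. The following is an added example, not part of the original thread or of Nextcloud's code; it assumes bundled files keep Bootstrap's `/*!` version banner, and the sample tree and app names in `demo()` are constructed.

```python
import re
import sys
import tempfile
from pathlib import Path

# Banner forms: "Bootstrap v3.3.5 (...)", "Bootstrap: tooltip.js v3.3.5", "Bootstrap (v4.3.1): ..."
BANNER = re.compile(rb"Bootstrap[^\n]{0,40}?v(\d+)\.(\d+)\.(\d+)")

# First release per major line fixing both cited issues (#20184: 3.4.0/4.1.2, #28236: 3.4.1/4.3.1).
FIXED = {3: (3, 4, 1), 4: (4, 3, 1)}


def bootstrap_version(path, head=65536):
    """Return (major, minor, patch) from the banner in the first bytes, or None."""
    with open(path, "rb") as fh:
        m = BANNER.search(fh.read(head))
    return tuple(int(g) for g in m.groups()) if m else None


def is_flagged(version):
    fixed = FIXED.get(version[0])
    return fixed is not None and version < fixed  # other majors are not judged here


def scan(root):
    """Return sorted [(relative path, 'x.y.z', flagged)] for .js files under root."""
    hits = []
    for path in (p for p in Path(root).rglob("*.js") if p.is_file()):
        ver = bootstrap_version(path)
        if ver:
            rel = path.relative_to(root).as_posix()
            hits.append((rel, ".".join(map(str, ver)), is_flagged(ver)))
    return sorted(hits)


def demo():
    # Constructed sample tree: hypothetical app names, banner-only file contents.
    samples = {"app_a/vendor/bootstrap.min.js": b"/*!\n * Bootstrap v3.3.5 (http://getbootstrap.com)\n */",
               "app_b/js/bootstrap.js": b"/*!\n * Bootstrap v3.4.1 (https://getbootstrap.com/)\n */",
               "app_b/js/main.js": b"console.log('no banner');"}
    with tempfile.TemporaryDirectory() as root:
        for rel, data in samples.items():
            full = Path(root, rel)
            full.parent.mkdir(parents=True, exist_ok=True)
            full.write_bytes(data)
        return scan(root)

if __name__ == "__main__":
    for row in scan(sys.argv[1]) if len(sys.argv) > 1 else demo():
        print(*row, sep="\t")
```

Run it with the Nextcloud installation directory as the only argument; each hit is a banner match and should be confirmed by opening the file, since the path also shows whether the copy belongs to the server or to an installed app.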