Hi sairam Tanniru,
You can create a Support ticket with Mendix.
One of our applications also went through a Vulnerability test. We raised a Mendix ticket and a few issues we resolved by adding security headers( In our case). Some of them seems to be not vulnerable, so Mendix gave explanations and supporting documents on why they are not vulnerable.
Best way is to create a Support ticket with Mendix.