WebScan will often provide you with the information you need to fix these vulnerabilities. It will also provide you with links to resources on the internet to help. This information should be passed onto your web developers who should be able to apply patches to the framework.
Framework vulnerabilities are not malware, they are usually bugs that in the software used to run your website, often the software providers have identified and released fixes for these vulnerabilities and they just need to be applied.
Malware can take advantage of these vulnerabilities to infect your website so the sooner your framework is patched the better.