So if you want to check, you can open the Audit tool in Chrome (Right Click > Inspect and open the Audit in the console, may be hidden in the 3 dot menu). Run that and it will show issues under best practices. Some of the errors are just warnings a lot of which are false positives.
But i can’t see the XSS issues raised. Let me know if anything comes up.