In this project I follow the recommendation to avoid the top website vulnerabilities that breaching confidentiality, integrity and availability of a website, and replace them with defence code
Avoid SQL injections by ORM.
Authentication uses MFA and TOTP
XML defenses
Content security policy against cross-site scripting