Fixing vulnerabilities in Elm's virtual DOM

An article about possible XSS security vulnerabilities in Elm:

Nice to see things being fixed, but I get the impression that Elm is a much lower security risk than other browser ecosystems due to the nature of the language and community.