HTML5 security has been a question mark for years, and it has not improved over the stretch. HTML5 offers no secure sandboxing protection, such as what Flash can have in the Chrome browser. The number of browsers in use also brings some security, because vulnerabilities in one browser may not exist in other browsers. Despite the gloomy outlook, HTML5 still offers hope for better security — if browser makers do the right thing, says Kevin Johnson, CEO at IT security consulting firm Secure Ideas.”]
Source: https://www.csoonline.com/article/2960695/sick-of-flash-security-holes-html5-has-its-own.html