It's all about the right security process (Score 1)

Besides writing code with security in mind in the first place, it is all about establishing the right security process and acting quickly.

The TWiki community has a well established security alert process, summarised at TWikiSecurity. The security team acted very quickly on the last incident, as documented in the timeline.

Like other web based software, TWiki is safe to use on public sites if site administrators establish the right security process and act quickly on an incident.