翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Monday, 03-Mar-2025 21:42:38 JST
@LorenzoAncora
>cve.org is popular and safe to use.
You write that, but then I see the following Obfscript;
https://cmp.osano.com/AzyhULTdPkqmy4aDN/46057d56-0263-4cca-abac-9adddada4f3b/osano.js
https://www.cve.org/assets/index-mLL8icbW.js
Those are sufficiently large programs that would be quite trivial to slip proprietary malware in and have such go unnoticed.
Any attacker wouldn't even need to compromise the computer cve.org is running on to attack visitors - they could compromise cmp.osano.com instead.
It seems more JavaScript programs are loaded too, although which ones are not revealed until you run proprietary JavaScript (free and nonfree JavaScript are mixed into the same file), which I refuse to do.
>JavaScript is a web standard that helps ensure compliance with EU safety regulations and accessibility requirements.
JavaScript absolutely destroys accessibility and seems to be primarily used to spy on the user, which doesn't exactly "comply with EU safety regulations".
>It is implemented by 97.69% of web browsers and utilized by 98.3% of all public websites.
97.69% of web browsers have a SEVERE vulnerability and a little less than 98.3% of public websites attack people with proprietary software and spyware huh?
>its presence on the CVE site is standard practice for modern web functionality.
Just because attacking the user is standard practice doesn't mean a website that doesn't function without JavaScript is acceptable.
The only JavaScript your website needs and should have is as follows;
<script>
/* AGPLv3-or-later */
document.body.innerHTML = 'We have detected that you have JavaScript enabled in your browser, please disable it to continue. Please be aware that your browser is severely compromised as it is automatically running malicious JavaScript.'
</script>
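
Added example, not part of the original status: a static audit that lists the external scripts a page declares, without executing any JavaScript, and reports third-party hosts loaded without Subresource Integrity, which is the dependency on another host that the status describes. The markup, host names and function names are constructed for illustration, and "third party" is assumed to mean any host name that differs from the page's own.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Constructed sample markup and hosts (not copied from any real site).
SAMPLE_PAGE_URL = "https://www.example.org/"
SAMPLE_HTML = """<html><head>
<script src="/assets/index.js"></script>
<script src="https://cmp.vendor.example/consent/loader.js"></script>
<script src="https://cdn.vendor.example/lib.js" integrity="sha384-PLACEHOLDER"></script>
<script>/* inline, no remote origin */</script>
</head><body></body></html>"""


class ScriptAudit(HTMLParser):
    """Collect <script src=...> tags from markup; nothing is executed."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.page_host = urlsplit(page_url).hostname
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        src = attrs.get("src")
        if tag != "script" or not src:
            return  # not a script, or an inline script with no remote origin
        url = urljoin(self.page_url, src)  # resolve relative paths
        host = urlsplit(url).hostname
        self.findings.append({"url": url, "host": host,
                              "third_party": host != self.page_host,
                              "has_sri": bool(attrs.get("integrity"))})


def audit(html, page_url):
    """Return one finding per externally loaded script declared in html."""
    parser = ScriptAudit(page_url)
    parser.feed(html)
    parser.close()
    return parser.findings


def unpinned_third_party_hosts(findings):
    """Hosts that can change the code visitors run, with no integrity pin."""
    return sorted({f["host"] for f in findings
                   if f["third_party"] and not f["has_sri"]})


if __name__ == "__main__":
    print(unpinned_third_party_hosts(audit(SAMPLE_HTML, SAMPLE_PAGE_URL)))
```

Scripts that other scripts inject at run time do not appear in static markup, so this lists only the first layer of dependencies.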