Something I only recently came about was the vulnerability implications of target="_blank" links.
Pages opened this way have an access to the previous window context and are able to potentially inject malicious code.
The solution is simple, just add rel="noopener noreferrer" to those links and you should be good to go.
It might be worth asking if links should open in a new window at all.