Perhaps I'm being nieve but it seems like very bad coding when front end exploits can lead to cash being stolen. I would expect the bare minimum of a message bus or some other separation between back end payment components and the public facing boxes.