What is considered a concern in general? Well in short, a concern is virtually anything that may cause a disturbance with the flow of your code. It can range from something as small as forgetting an "s" at the end of an already declared variable, or forgetting the difference between addition and concatenation. It could even be the fact that one of your functions simply aren't performing the way that you intended. Imagine if we made an app and put all of it's components under one file. Can you imagine reading down that long list of code? The thought itself scares me.
This is where the concept of Model, View, and Controller helps. Smart people of the world figured that in order to make our lives easier, let's create a sort of format for app building that allows us to pinpoint, or "separate" the concerns that may take place. Concerns may include things like logging, security, or data transfer(s). With that said, it explains the phrase "separation of Concerns". With the way the Model, view, and controller (MVC) is setup, everything is essentially talking to each other. The model holds all our data, the view is what is displayed to the client's screen, and the controller is how we control which actions we want to take place by listening for events to occur.. Right?
But what happens when I change something in one file but my application's state doesn't update? For example, if I had a file that held medical records within a collection, and I hard coded a specific change to one of the patient's records, I would then need to make sure that my model is setup properly to update the state of my application. But if it isn't for some reason, then you would know that the concern has affected the model, thus making it a cross-cutting concern.
One of the most common concerns when creating applications is security. When app building, we want all of our apps to be safe. With that said, knowing the MVC format, we help separate concerns yes. But that doesn't necessarily mean that everything is "safe". Attacks such as an XSS attack are quite possible. XSS attacks are considered "cross site scripting" attacks against your application. So if a malicious hacker decided to inject some mean code into app, he most totally could if the application is vulnerable. We can avoid this concern by setting up something called API keys. These keys are a form of access to your application, hence the name "Application Program Interface". This would be one example of a way to avoid a concern such as XSS attacks. However, there are still tons of other concerns to account for like not encrypting your data that's being sent to the web using a secure socket layer(SSL). Yeah, sounds like a lot to account doesn't it?
That's because it is! Remember, we are human and concerns are bound to happen, so stay cautious! SO yes, having a MVC setup allows for an easier experience when separating concerns. However, cross-cutting concerns range and could still take place if you haven't actually secured your information by using tools such as an API key. Your app may work just fine, but is it really secure? And What concerns have you accounted for?