CVE-2017-14460
The CVE-2017-14460 issue affects Parity Ethereum client’s JSON-RPC interface, where the default overly permissive cross-domain (CORS) whitelist (often *) can allow a malicious website to fetch or modify data through the JSON-RPC API if certain endpoints are enabled. TALOS details show an example ...