CVE-2017-18016

Published
View on NVD ↗
CVSS v3
N/A
CVSS v2
5
MEDIUM
Affected
2
PROJECTS

Description

Parity Browser 1.6.10 and earlier allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by requesting other websites via the Parity web proxy engine (reusing the current website's token, which is not bound to an origin).

tintinweb/pub
tintinweb/pub
Vulnerability Notes, PoC Exploits and Write-Ups for security issues disclosed by tintinweb
GitHubGitHub
265
openethereum/parity-ethereum
openethereum/parity-ethereum
The fast, light, and robust client for Ethereum-like networks.
GitHubGitHub
6.84K