PT-2018-9213 · Electrum · Electrum Bitcoin Wallet

Theymos · Published 2018-02-09 · Updated 2019-10-03 · CVE-2018-1000022

CVSS v3.1: 5.3 (Medium)
Vector: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Electrum Bitcoin Wallet versions prior to 3.0.5
Description: The issue concerns a Missing Authorization vulnerability in the JSONRPC interface, which can lead to Bitcoin theft if the user's wallet is not password protected. This can be exploited when the victim visits a web page with specially crafted JavaScript.
Recommendations: For versions prior to 3.0.5, update to version 3.0.5 or later to resolve the issue. As a temporary workaround, consider ensuring that the wallet is password protected to minimize the risk of exploitation.

Fix

Missing Authorization

Weakness Enumeration

Related Identifiers

CVE-2018-1000022

Affected Products

Electrum Bitcoin Wallet