I'm not sure if you read the entire article, but it explains how the GET request's response is not able to be viewed in the browser:

"A cross-origin GET request will work, however the response will not be available to the Javascript code."

Even if it were, I still wouldn't classify it as an attack because the definition according to Google is:

"an attempt by hackers to damage or destroy a computer network or system".

Getting information from a system is not the same as destroying that system.