laravel/framework is vulnerable to information disclosure attacks. The writeNewEnvironmentFileWith
method does not restrict /.env
permissions, allowing a malicious user to obtain sensitive information by sending a direct request to the /.env
URI.