CVE-2025-24337 Information

Description

WriteFreely through 0.15.1 when MySQL is used allows local users to discover credentials by reading config.ini.

Reference

https://github.com/writefreely/writefreely/releases/tag/v0.15.1 https://raphus.social/@TV4Fun/113846757112643161 https://www.openwall.com/lists/oss-security/2025/01/18/1