Ruby on Rails 'implicit render' Functionality Directory Traversal Vulnerability

Ruby on Rails is prone to a directory-traversal vulnerability.

A remote attacker could exploit the vulnerability using directory-traversal characters ('../') to access arbitrary files that contain sensitive information.


 

Privacy Statement
Copyright 2010, SecurityFocus