Ruby on Rails Action View Directory Traversal Exploit

This vulnerability allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method. Combining this with log injection, remote code execution can be achieved.
Platform: 
Vulnerabilty ID: 
CVE-2016-0752
Product Version: 
2016_R1
Released Date: 
Friday, June 3, 2016 - 00:00