Threatpost – (International) Exploit code, Metasploit module out for Ruby on Rails flaws. Proof-of-concept exploit code and a penetration testing module were released for several Ruby on Rails vulnerabilities that could allow arbitrary code execution and the installation of backdoors, presenting a major vulnerability for Web sites using versions other than the most recently released.
Source: http://threatpost.com/en_us/blogs/exploit-code-metasploit-module-out-ruby-rails-flaws-011013
