User input controls which file is opened. An attacker who can steer the path (for example with `../` segments) can read any file the application process can read, which may leak sensitive information such as configuration, credentials, or source code. The input can be sanitized with `File.basename`, which strips every directory component and leaves only the final file name; the result should then be joined onto a fixed base directory.
```ruby
def render_modern_param_noncompliant
  page = params[:page]
  # Noncompliant: unsanitized user input is interpolated into the render file path,
  # so a value like "../../etc/passwd" escapes /some/path.
  render file: "/some/path/#{page}"
end
```
```ruby
def render_modern_param_compliant
  page = params[:page]
  # Compliant: File.basename drops every directory component of the user input
  # (".." included), and the bare file name is then joined onto the fixed base
  # directory. Applying basename to the whole "/some/path/#{page}" string would
  # discard the base directory as well and render a path relative to the app root.
  render file: File.join("/some/path", File.basename(page))
end
```
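The following is an added example, not code from the original rule page. It shows the basename-based sanitization on its own (no Rails required) together with the edge cases a practitioner should check: `File.basename` returns `".."`, `"."`, `"/"` or `""` for some inputs, so those values must be rejected explicitly, and a final containment check confirms the resolved path is still under the base directory. The module name `SafeRender`, the base directory `/some/path`, and the `naive` helper are assumptions chosen for illustration.

```ruby
# Added example (hypothetical helper, not part of the original page).
# Restricts a user-supplied page name to a single file directly inside
# BASE_DIR, mirroring the File.basename fix and adding the checks it needs.
module SafeRender
  BASE_DIR = "/some/path".freeze  # assumed template root for the example

  # Returns the absolute path that is safe to render, or nil when the input is rejected.
  def self.resolve(page)
    return nil if page.nil? || page.to_s.empty?

    # Drop every directory component: "../../etc/passwd" becomes "passwd".
    name = File.basename(page.to_s)

    # basename itself can return ".", "..", "/" or "" for inputs such as
    # "..", "/" or "./"; none of those name a real template, so refuse them.
    return nil if name.empty? || name == "." || name == ".." || name == "/"

    # Allow only a conservative template-name character set. This also rejects
    # backslashes, which File.basename does not treat as separators on POSIX.
    return nil unless name.match?(/\A[\w.-]+\z/)

    full = File.expand_path(name, BASE_DIR)

    # Defence in depth: the result must still sit directly under BASE_DIR.
    return nil unless full.start_with?(BASE_DIR + File::SEPARATOR)

    full
  end

  # Shows what applying basename to the whole interpolated path does:
  # the base directory is thrown away along with the traversal segments.
  def self.naive(page)
    File.basename("#{BASE_DIR}/#{page}")
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample inputs, as they might arrive in params[:page].
  ["index.html", "../../etc/passwd", "..", "/", "a b", "a\\..\\b"].each do |page|
    puts "#{page.inspect} -> #{SafeRender.resolve(page).inspect}"
  end
  puts "naive(\"../../etc/passwd\") -> #{SafeRender.naive("../../etc/passwd").inspect}"
end
```

`resolve` neutralizes traversal rather than detecting it: `"../../etc/passwd"` maps to `/some/path/passwd`, which is the intended behaviour of a basename-based fix. Note that any file inside the base directory remains reachable by name, so the directory should contain only templates meant to be rendered.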