CVE-2016-2098 Python POC

by Vince

"Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and 4.2.x before 4.2.5.2 allows remote attackers to execute arbitrary Ruby code by leveraging an application's unrestricted use of the render method."


Website Behind the WAF

by Vince

You have a website, you want to protect it from attacks, and you hide it behind a web application firewall (WAF). If your site was already public and you move it behind a WAF, bad actors can still find your site. Depending on which WAF you're using, your site's actual location could also be discovered regardless of whether it was previously public on another server. And if you're not restricting access to the site exclusively to the WAF, bad actors can attack your site directly, without the protection of the WAF.


Warning: The TinyMCE Editor Plugin has been updated

by Vince

You receive the following error in Joomla:

"Warning

The TinyMCE Editor Plugin has been updated. Currently it uses your existing configuration. By editing the plugin, you can now assign and customise various layouts to specific user groups.

Warning: when editing the plugin, you will lose all your previous settings!"
