
Good point about an outsider potentially poking at internal.corporate.com. Though you could only trick support@example.com into making a GET request in this manner, right? Which ideally doesn't change data, but obviously exposes a bigger attack area for vulnerabilities like the rails one.



Rails in January 2013 was mentioned specifically because a series of security bugs allowed attackers to achieve remote code execution with specially crafted URL parameters.

Thus someone could get a remote shell on your box running as the rails account, not just access to an internal application.
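The defensive counterpart to the scenario discussed in this thread is to make the server-side fetcher (the thing behind support@example.com that follows a submitted link) refuse to contact internal hosts at all. The following is an added example, not code from either commenter: a destination check that resolves the URL's hostname and rejects any answer inside private, loopback or link-local ranges, so a URL for internal.corporate.com never turns into a request to an internal application. The `resolver` hook, the blocked-range list and the sample addresses are constructed for the example.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Added example: destination check for a server-side URL fetcher.
# Refuse to contact hosts that resolve to private, loopback or link-local
# addresses, so a submitted link cannot reach an internal application.

ALLOWED_SCHEMES = {"http", "https"}

# Ranges a public-facing fetcher should never contact (constructed list;
# extend it with your own internal prefixes).
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16",
    "::/128", "::1/128", "fc00::/7", "fe80::/10",
)]


def is_blocked_address(ip_text):
    """True if the address (or the IPv4 hidden inside an IPv4-mapped IPv6
    address such as ::ffff:10.0.0.1) falls in a blocked range."""
    addr = ipaddress.ip_address(ip_text)
    mapped = getattr(addr, "ipv4_mapped", None)
    if mapped is not None:
        addr = mapped
    return any(addr in net for net in BLOCKED_NETWORKS)


def default_resolver(hostname):
    """Resolve a hostname to all of its A/AAAA answers (needs network)."""
    infos = socket.getaddrinfo(hostname, None)
    return sorted({info[4][0] for info in infos})


def is_safe_fetch_target(url, resolver=default_resolver):
    """Return True only if the URL uses an allowed scheme and every address
    its host resolves to is public.

    `resolver` is a hypothetical hook (hostname -> list of IP strings) so the
    check can be exercised offline with constructed DNS answers.
    """
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False
    host = parts.hostname
    if not host:
        return False
    try:
        # Literal IP in the URL (brackets already stripped by urlsplit):
        # no DNS lookup needed.
        ipaddress.ip_address(host)
        addresses = [host]
    except ValueError:
        try:
            addresses = resolver(host)
        except (socket.gaierror, OSError):
            return False
    if not addresses:
        return False
    # Every answer must be public; one internal answer is enough to refuse,
    # so a name with mixed public/internal records is rejected too.
    return not any(is_blocked_address(a) for a in addresses)


if __name__ == "__main__":
    # Constructed DNS answers for an offline demonstration.
    fake_dns = {"internal.corporate.com": ["10.1.2.3"],
                "public.example": ["203.0.113.10"]}
    lookup = lambda h: fake_dns[h]
    print(is_safe_fetch_target("http://internal.corporate.com/", resolver=lookup))
    print(is_safe_fetch_target("https://public.example/", resolver=lookup))
    print(is_safe_fetch_target("http://127.0.0.1:8080/admin"))
```

Two caveats for using a check like this in a real fetcher: connect to the address that was checked rather than re-resolving the name (otherwise a DNS answer that changes between check and connect bypasses it), and re-run the check on every redirect hop, since the first response can point the client at an internal address.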





