Just after updating struts to 18.104.22.168, all of ours applications stop working. Some of ours applications uses struts-convention-plugin, so only url can be used to access action's methods.
We are using a lot of url with "!input" methods, especially to manage form input and form validation.
"S2-019 - Dynamic Method Invocation disabled by default", seems to be a big security issue. So, is it safe to re-enable back DMI to true ? If not, how is it possible to not use DMI ?