THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
It is possible to pass a malicious expression which can be used to execute arbitrary code on server side when Dynamic Method Invocation is enabled.
Solution
Upgrade Disable Dynamic Method Invocation when possible, if not upgrade to Apache Struts to version versions 2.3.20.2, 2.3.24.2 or 2.3.28.1.
...