Apache Struts 2 is an open-source Web application framework for developing Java EE Web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model-view-controller (MVC) architecture. Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors. This rule supports to defend the A6: Vulnerable and Outdated Components of OWASP Top 10 - 2021. Other reference:None