It appears that a change in OGNL 3.0.13 with 2.3.28 breaks expressions that
reference properties beginning with at least two capital letters.
Previously, a getter like "getXXX()" could be referenced with OGNL "xXX",
but these must be changed to "XXX".

Is this expected behavior? It's a breaking change. Why the "upgrade?"

I see that the solution to other problems with the OGNL update is to
roll back the OGNL library. However, will the vulnerabilities up through S2-030
be fixed with the OGNL version used in 2.3.24.1? Are there any other "features"
of OGNL 3.0.13 that I will be missing out on?

I appreciate any advice or explanation that is offered.

Doug
