Stellar has disabled this functionality alltogether already (forcing you to pay fees when reimbursing someone), on Ripple you hopefully already check flags before crediting accounts. Better safe than sorry though, this is only a "vulnerability" if you didn't read the documentation, otherwise it's a useful feature.
The documentation on the partial payment feature is very poor. Even the Stellar Development Foundation only learned of the issue this past week. Even though there was an update to the Stellar code base to remove the feature, we are nonetheless taking the Stellar gateway offline until we can fully evaluate everything ourselves. Overly cautious perhaps, but we'd rather be overly cautious in a situation like this.