Oracle just released Security Alert CVE-2018-11776. This vulnerability affects Apache Struts 2, a component used in a number of Oracle product distributions. It has received a CVSS Base Score of 9.8. The Security Alert advisory provides a list of affected Oracle products, their statuses, and information about available patches.
For more information, see the Security Alert advisory located at http://www.oracle.com/technetwork/security-advisory/alert-cve-2018-11776-5072787.html and MOS Note "Security Alert CVE-2018-11776 Products and Versions" (Doc ID 2440044.1).