Upgrade to Apache Struts version 2.3.35 or 2.5.17 ASAP !

If you use Apache Struts ( remember Equifax ? ) please upgrade to the versions mentioned above. As always NVD is lagging behind on details so dont depend on your scanning solutions to detect this in your environment just yet, CVE-2018-11776