Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.
https://www.tenable.com/blog/one-year-later-what-can-we-learn-from-zerologon
https://www.tenable.com/cyber-exposure/2020-threat-landscape-retrospective
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html