I know this is the holidays and you have probably only sun in mind, but security issues can’t wait: this morning Magento have published a new patch against SUPEE-6482 issue which include two issues related to APIs and two cross-site scripting risks.
All releases are affected, including the community editions prior to 1.4!.
The hotfix can be downloaded on the Magento download page https://www.magentocommerce.com/download
A new release of the community edition is online – 126.96.36.199 – which include the fix.
As always, don’t forget to check if you have benn made an overload of the file content or do it automatically with the github project updateMagentoPatches