I received the following message from Magento:
Today, we are releasing a patch (SUPEE-6482) that addresses 4 security issues identified through our comprehensive security program. This patch resolves two issues related to APIs and two cross-site scripting risks. There are no confirmed reports of attacks related to these issues to-date, but it is important that you immediately deploy the patch in order to protect your store.
Do we need to install this patch on our site?
No, this is something Modern Retail does for you as part of our website maintenance. In fact, we have already installed SUPEE-6482 on all the Magento websites we manage, and there's nothing else you need to do.
You can read Magento's full announcements regarding these security issues below. Thank you.