WordPress 2.8.2 Released to Fix Critical XSS Vulnerability
by Michael
Just moments ago, WordPress 2.8.2 was released with an accompanying blog post:
WordPress 2.8.2 fixes an XSS vulnerability. Comment author URLs were not fully sanitized when displayed in the admin. This could be exploited to redirect you away from the admin to another site. Download 2.8.2 or automatically upgrade from the Tools->Upgrade page of your blog’s admin.
Be sure to update your WordPress installation as soon as possible and keep your site and server safe from intrusion!