SUPEE-6482 has been released and resolves several security related issues:

Issues resolved:

  • SSRF Vulnerability in WSDL file – APPSEC-1020
  • Autoloaded File Inclusion in Magento SOAP API – APPSEC-1019
  • Cross-site Scripting/Cache Poisoning – APPSEC-1030
  • Cross-site Scripting in Gift Registry Search – APPSEC-1022

Full patch notes can be found here