2015 Patches SUPEE-6285
Patch Bundle Date of Release: 07/07/2015
This bundle includes protection against the following security-related issues:
- Customer Information Leak via RSS and Privilege Escalation
- Request Forgery in Magento Connect Leads to Code Execution
- Cross-site Scripting in Wishlist
- Cross-site Scripting in Cart
- Store Path Disclosure
- Permissions on Log Files too Broad
- Cross-site Scripting in Admin
- Cross-site Scripting in Orders RSS
Full details here: http://merch.docs.magento.com/ce/user_guide/Magento_Community_Edition_User_Guide.html#magento/patch-releases-2015.html