A new version of WordPress has been issued to fix a cross site scripting (XSS) vulnerability in post comments. All users are recommended to upgrade to this version.
This version, 0.7.1.1, is unfortunately not available from the normal locations. You can get it from http://zed1.com/wordpress-0.711/. That page explains several strategies for addressing this vulnerability.