Hi everybody,
please note that we published the security bulletin 2013-001 today as announced with the last patch release:
The vulnerability has been fixed with OXID eShop Enterprise Edition 5.0.8 and Community/Professional Edition 4.7.8. If you cannot update for a certain reason, you may find a workaround in the security bulletin.
Best!