OH XSS Vulnerability.
If you happen to use the lastcomments plugin, either disable it or read here.
(Fix included)
Bye!