These two security patches SUPEE-5344 (Released Feb 9, 2015) and SUPEE-1533 (Released Oct 3, 2014) effect both the Community and Enterprise Editions of Magento.

The hole is actually in Magento’s Core so all Magento stores will need patching. If you are unsure if your shop is vulnerable please use this on-line tool to check your installation:

A handy way of seeing if have patched your Magento installation is to run this grep command. This will show which sites have not been patched. Change the * to suite your server’s setup.

grep -L "_internallyForwarded" /home/*/public_html/app/code/core/Mage/Core/Controller/Request/Http.php

It’s really important that your Magento installation is patched before it’s too late.
If you require any assistance applying these security fixes to your site, please get in contact.