From the WordPress blog
WordPress 2.3.3 is an urgent security release. A flaw was found in our XML-RPC implementation such that a specially crafted request would allow any valid user to edit posts of any other user on that blog.
Emphasis mine. This isn’t that urgent, if you ask me. If you don’t trust users on your blog then they shouldn’t be on your blog. This won’t effect too many people, but still, it’s always worth upgrading and fixing any potential threats no matter how small a risk they are. Grab WordPress 2.3.3 or the patched XML-RPC file if you don’t want to upgrade.
[Update]: This is more urgent than I thought for some people. I forgot that you can let people register on your blog to make comments! Those will be valid users as well and could exploit this bug. I don’t have user registration turned on, but I know a lot of people do so this is quite serious indeed. Upgrade ASAP.