A vulnerability, which allows an attacker to retrieve unprocessed web content (e.g. source code), has been found in XSP.

People already using the latest supported version of Mono, 1.2.2 and 1.1.13.8.2, are protected against this vulnerability. Other people are encouraged to update to the latest supported version of Mono. Major distributions have already been advised and updates should (now or shortly) be available for their supported versions.

More information can be found here: http://www.mono-project.com/Vulnerabilities.