VirtueMart 3.2.14 Security Release announced
"This fairly serious XSS discovered by Mattia Furlani pertained only the administration area, so most shops are not affected.
Shop owners running a multi-vendor store or fearing that their employees may use this leak should update as soon as possible."
Don't take any chances.
Download and install the latest Virtuemart security release.
Back up before updating any 3rd party Joomla! extension
Any update can break your website.
Perform a FULL backup of your website (database and files) before installing any update.