Critical SQL injection bug in the ODBC database driver

Affected version: <=3.0.6

Reported by:
FriendsOfPHP/security-advisories

XSS attack vector in Security Library method xss_clean()

Affected version: <3.0.3

Reported by:
FriendsOfPHP/security-advisories