Potential SQL injection in ORDER and GROUP functions of ZF1

PKSA-nfx8-h3yx-xf86

Affected package: zendframework/zendframework1

Affected version: <1.12.20

Reported by:
FriendsOfPHP/security-advisories