[MEDIUM] Potential SQL injection in ORDER and GROUP functions of ZF1

PKSA-nfx8-h3yx-xf86 GHSA-vvm3-rv48-j3g5

Affected package: zendframework/zendframework1

Affected version: <1.12.20

Reported by:
GitHub, FriendsOfPHP/security-advisories