Xaliom

**Name of the Vulnerable Software and Affected Versions** ADOdb versions prior to 5.22.9 **Description** The issue is related to the improper escaping of a query parameter, which may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a PostgreSQL database and invokes the `pg insert id()` function with user-supplied data. **Recommendations** For versions prior to 5.22.9, update to version 5.22.9 to resolve the issue. As a temporary workaround, consider restricting the use of the `pg insert id()` function with user-supplied data until the patch is applied.