PT-2024-40014 · Unknown · Codeigniter

Published: 2024-05-15 · Updated: 2024-05-15

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

Name of the Vulnerable Software and Affected Versions

CodeIgniter version 3.1.0 and earlier

Description

A critical security issue was found in the ODBC database driver, which could lead to SQL injection. This issue has been mitigated with crucial fixes in the update. The query builder and escape() functions are no longer compatible with the ODBC driver due to these fixes. However, actual query binding has been introduced as a more secure alternative.

Recommendations

For CodeIgniter version 3.1.0 and earlier, update to version 3.1.0 or later to resolve the issue. As a temporary workaround, consider disabling the use of the query builder and escape() functions with the ODBC driver until the update is applied. Restrict access to sensitive database operations to minimize the risk of exploitation.

Fix

Related Identifiers

GHSA-27QR-636M-WXG2

Affected Products

Codeigniter