An SQL injection vulnerability has been discovered where a variable is being incorrectly sanitized. We are therefore releasing patches for both versions 3.8 and 4 to address this.

The patch can be downloaded from the client area and installation is simply a case of replacing the 2 files involved. There is no upgrade or install process required.

An email announcement has been mailed to all active clients.

Matt