## 3.8.10.2
– FIX: Query Builder. SQL query type. More strict sanitizng of the input parmaters to prevent SQL injections.
## 3.8.10.1
– FIX: More strict sanitization of custom table queries to prevent potential SQL injections in some cases (appears as combination of the some backend CPT config and appropriate front-end setup);
– FIX: Legacy forms. Santizie status-related query parameters to prevent XSS vulnerability through the form status parmeter;
– FIX: Sanitize URL form fields and listing URLs using JetEngine URL schemes;
– FIX: Custom Content Types. Only unserialize array-backed fields when reading items to avoid converting unauthorized serialized strings into real PHP objects.