Dolibarr Improper Authentication Vulnerability (CVE-2017-8879)
Description
Dolibarr ERP/CRM 4.0.4 allows password changes without supplying the current password, which makes it easier for physically proximate attackers to obtain access via an unattended workstation.