Description
Dolibarr ERP/CRM 4.0.4 allows password changes without supplying the current password, which makes it easier for physically proximate attackers to obtain access via an unattended workstation.
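The missing check described above, shown as a weak handler beside a corrected one. This is an added example, not Dolibarr's code; the function names, the `$user` array layout and the failure limit are assumptions made for illustration.

```php
<?php
// Added illustration, not Dolibarr source code. All names are hypothetical.

const MAX_REAUTH_FAILURES = 5; // assumed limit on wrong current-password attempts

// Weak pattern: an authenticated session alone is enough to set a new password,
// so anyone sitting at an unattended, logged-in workstation can take over the account.
function changePasswordNoReauth(array &$user, string $newPassword): bool
{
    $user['hash'] = password_hash($newPassword, PASSWORD_DEFAULT);
    return true;
}

// Corrected pattern: the caller must prove knowledge of the current password.
function changePasswordWithReauth(array &$user, string $currentPassword, string $newPassword): bool
{
    // Refuse further attempts once the failure limit is reached, so the
    // current password cannot be guessed repeatedly from the open session.
    if (($user['reauth_failures'] ?? 0) >= MAX_REAUTH_FAILURES) {
        return false;
    }
    if (!password_verify($currentPassword, $user['hash'])) {
        $user['reauth_failures'] = ($user['reauth_failures'] ?? 0) + 1;
        return false;
    }
    if ($newPassword === '' || $newPassword === $currentPassword) {
        return false; // reject empty or unchanged passwords
    }
    $user['hash'] = password_hash($newPassword, PASSWORD_DEFAULT);
    $user['reauth_failures'] = 0;
    return true;
}

// Constructed sample account for the demonstration.
$user = ['login' => 'alice', 'hash' => password_hash('old-Secret-1', PASSWORD_DEFAULT)];

// A request that does not know the current password is rejected and the hash is unchanged.
$rejected = changePasswordWithReauth($user, 'wrong-guess', 'intruder-Pw-1');
$unchanged = password_verify('old-Secret-1', $user['hash']);

// The account owner, supplying the current password, succeeds.
$accepted = changePasswordWithReauth($user, 'old-Secret-1', 'new-Secret-2');

printf("rejected=%s unchanged=%s accepted=%s\n",
    var_export(!$rejected, true), var_export($unchanged, true), var_export($accepted, true));
```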
Remediation
References