[MEDIUM] Dolibarr allows password changes without supplying the current password

PKSA-2fd1-h6fv-9c6d CVE-2017-8879 GHSA-5x4j-xcmv-v3q2

Affected package: dolibarr/dolibarr

Affected version: =4.0.4

Reported by:
GitHub