The LDAP Tool Box Self Service Password version 1.3 has been released. The changelog shows that this release includes a number of updates, but the most significant updates are probably those intended to address CVE-2018-12421, which allowed a user’s password to be changed without knowing the current password. If you’re using this application, you should update to the latest version.