[CRITICAL] Ibexa User Bundle is missing password change validation

PKSA-tp68-m26r-qqm9 CVE-2025-67719 GHSA-x93p-w2ch-fg67

Affected package: ibexa/user

Affected version: >=5.0.0-beta1,<5.0.4

Reported by:
GitHub