Change password session fixed

Disclosed: 2017-08-24 19:49:46 By darkag29 To legalrobot
Low
Vulnerability Details
Vulnerability: While changing the password, it should show that the password was changed successfully and then it should log out; instead it remains on the same webpage. It does not even show whether the old password entered is correct or not. When we enter the new password incorrectly in both the fields, it also shows no notification.

Steps to reproduce
1. Log in to your account
2. Click on the rightmost top corner on account
3. Click on change password
4. Enter the old password
5. Enter the new passwords

Check the attachment as proof.
Report Stats
  • Report ID: 260751
  • State: Closed
  • Substate: spam
  • Upvotes: 12