diff --git a/application/loginwebpage.class.inc.php b/application/loginwebpage.class.inc.php
index 8f51eb10f..19357541b 100644
--- a/application/loginwebpage.class.inc.php
+++ b/application/loginwebpage.class.inc.php
@@ -846,8 +846,8 @@ EOF
 		{
 			$sAuthUser = $_SESSION['auth_user'];
 			UserRights::Login($sAuthUser); // Set the user's language
-			$sOldPwd = utils::ReadPostedParam('old_pwd', '', false, 'raw_data');
-			$sNewPwd = utils::ReadPostedParam('new_pwd', '', false, 'raw_data');
+			$sOldPwd = utils::ReadPostedParam('old_pwd', '', 'raw_data');
+			$sNewPwd = utils::ReadPostedParam('new_pwd', '', 'raw_data');
 			if (UserRights::CanChangePassword() && ((!UserRights::CheckCredentials($sAuthUser, $sOldPwd)) || (!UserRights::ChangePassword($sOldPwd, $sNewPwd))))
 			{
 				$oPage = self::NewLoginWebPage();
diff --git a/setup/wizardsteps.class.inc.php b/setup/wizardsteps.class.inc.php
index 1e3798c9c..94ea5318b 100644
--- a/setup/wizardsteps.class.inc.php
+++ b/setup/wizardsteps.class.inc.php
@@ -1012,7 +1012,7 @@ class WizStepMiscParams extends WizardStep
 		$oPage->add_ready_script(
 <<<EOF
 		$('#application_url').bind('change keyup', function() { WizardUpdateButtons(); } );
-		$('#graphviz_path').bind('change keyup init', function() { WizardUpdateButtons();  WizardAsyncAction('check_graphviz', { graphviz_path: $('#graphviz_path').val() }); } ).trigger('init');
+		$('#graphviz_path').bind('change keyup init', function() { WizardUpdateButtons();  WizardAsyncAction('check_graphviz', { graphviz_path: $('#graphviz_path').val(), authent: $('#authent_token').val()}); } ).trigger('init');
 		$('#btn_next').click(function() {
 			bRet = true;
 			if ($(this).attr('data-graphviz') != 'ok')
@@ -1134,10 +1134,12 @@ class WizStepUpgradeMiscParams extends WizardStep
 		$oPage->add('<tr><td colspan="2"><span id="graphviz_status"></span></td><tr>');
 		$oPage->add('</table>');
 		$oPage->add('</fieldset>');
+		$sAuthentToken = $this->oWizard->GetParameter('authent', '');
+		$oPage->add('<input type="hidden" id="authent_token" value="'.$sAuthentToken.'"/>');
 		$oPage->add_ready_script(
 <<<EOF
 		$('#application_url').bind('change keyup', function() { WizardUpdateButtons(); } );
-		$('#graphviz_path').bind('change keyup init', function() { WizardUpdateButtons();  WizardAsyncAction('check_graphviz', { graphviz_path: $('#graphviz_path').val() }); } ).trigger('init');
+		$('#graphviz_path').bind('change keyup init', function() { WizardUpdateButtons();  WizardAsyncAction('check_graphviz', { graphviz_path: $('#graphviz_path').val(), authent: $('#authent_token').val() }); } ).trigger('init');
 		$('#btn_next').click(function() {
 			bRet = true;
 			if ($(this).attr('data-graphviz') != 'ok')