Description Authenticated users were able to enumerate other users' names via the learning plans page. Remediation References CVE-2023-28334 Related Vulnerabilities PostgreSQL Numeric Errors Vulnerability (CVE-2014-2669) WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.2.13) WordPress Plugin Maps Widget for Google Maps-Google Maps Builder Open Redirect (4.0) WordPress Plugin NextGEN Gallery-WordPress Gallery Multiple HTML Injection Vulnerabilities (1.9.0) Moodle Other Vulnerability (CVE-2004-2236) Severity Medium Classification CVE-2023-28334 CWE-639 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Tags Missing Update Known Vulnerabilities