Description Authenticated users were able to enumerate other users' names via the learning plans page. Remediation References CVE-2023-28334 Related Vulnerabilities Apache Tomcat Other Vulnerability (CVE-2000-0760) PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-9025) Oracle Database Server CVE-2015-4740 Vulnerability (CVE-2015-4740) WordPress Plugin Disable Comments Cross-Site Request Forgery (1.0.3) Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2018-17189) Severity Medium Classification CVE-2023-28334 CWE-639 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Tags Missing Update Known Vulnerabilities