Description Authenticated users were able to enumerate other users' names via the learning plans page. Remediation References CVE-2023-28334 Related Vulnerabilities MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8628) MySQL CVE-2020-2780 Vulnerability (CVE-2020-2780) SharePoint CVE-2022-44693 Vulnerability (CVE-2022-44693) PostgreSQL Other Vulnerability (CVE-2002-1399) Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-33934) Severity Medium Classification CVE-2023-28334 CWE-639 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Tags Missing Update Known Vulnerabilities