Description
Authenticated users were able to enumerate other users' names via the learning plans page.
Remediation
References
Related Vulnerabilities
WebLogic Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-22965)
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-4790)
WordPress Plugin Improved Product Options for WooCommerce Security Bypass (5.2.0)