moodle/moodle is vulnerable to Information Disclosure. The vulnerability exists because authenticated user privileges are not properly validated in page_helper.php
which allows an attacker to access sensitive information and enumerate other users names via the learning plans page.