Authenticated users were able to enumerate other users' names via the learning plans page.
moodle moodle 4.0.0
moodle moodle 4.1.0
moodle moodle
moodle moodle 4.1.1
Vulmon