An improper authorization vulnerability exists where an authenticated,
low privileged remote attacker could view a list of all the users
available in the application.Read More