It was observed that if a users is given read access on the user account management section of the admin panel can view the password hashes of all users, including the admin user. This exposure can potentially lead to privilege escalation if an attacker can crack these password hashes.
An attacker with read access can:
View and potentially crack the password hashes.
Gain administrative access by cracking the admin password hash.
Escalate privileges and compromise the entire admin panel.
Log in to the admin panel with an account that has read access to user accounts and navigate to the user account management section.
Go to the admin profile http://127.0.0.1/admin/accounts/users/admin; The password is not display. Try inspecting the page source code as shown in the following figures:Click to open external image
X41 is an expert provider for application security services.
Having extensive industry experience and expertise in the area of information
security, a strong core security team of world class security experts enables
X41 to perform premium security services.
Fields of expertise in the area of application security are security centered
code reviews, binary reverse engineering and vulnerability discovery.
Custom research and IT security consulting and support services are core
competencies of X41.
Detect and mitigate CVE-2025-66304 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects
contain no disclosed vulnerabilities.
Learn more about Dependency Scanning →