Insecure API Response Leads to Disclosure of Hashed Passwords
Medium
Mars
Team Summary
Official summary from Mars
A security vulnerability has been identified in the API of ████████. The endpoint ████████ is found to return sensitive user information, including hashed passwords, in its response. This exposure presents a significant security risk as it potentially allows unauthorized access to user credentials. The vulnerability is further exacerbated by the use of sequential numerical IDs, which makes user accounts susceptible to enumeration attacks.
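As an added example (not code from the report or the affected program), the sketch below puts the leaky serialization pattern the summary describes beside an allow-list serializer, with a response check that can run in API tests. The record, field names and patterns are constructed assumptions.

```python
import re

# Constructed sample record; every field name here is an assumption.
USER_ROW = {
    "id": 1042,
    "username": "alice",
    "email": "alice@example.test",
    "password_hash": "$2b$12$" + "a" * 53,  # bcrypt-shaped placeholder
    "profile": {"display_name": "Alice", "reset_token": "0" * 64},
}
# Allow-list of response fields; the sequential numeric id is left out too.
PUBLIC_FIELDS = {"username": None, "profile": {"display_name": None}}
# Deliberately broad: a false positive in a test gate is cheaper than a leak.
SENSITIVE_KEY = re.compile(r"pass(word|wd)?|hash|secret|token|salt", re.I)
HASH_VALUE = re.compile(
    r"^(\$2[aby]\$\d{2}\$[./A-Za-z0-9]{53}"        # bcrypt
    r"|\$argon2(id|i|d)\$.+"                        # argon2 PHC string
    r"|\$(1|5|6)\$.+"                               # md5/sha256/sha512-crypt
    r"|[0-9a-fA-F]{32}|[0-9a-fA-F]{40}|[0-9a-fA-F]{64}|[0-9a-fA-F]{128})$"
)

def serialize_leaky(row):
    """Return the stored record unchanged: the pattern the summary describes."""
    return dict(row)

def serialize_allowlist(row, schema=PUBLIC_FIELDS):
    """Copy only fields named in the schema; nested dicts use nested schemas."""
    out = {}
    for key, sub in schema.items():
        value = row.get(key)
        if isinstance(sub, dict) and isinstance(value, dict):
            out[key] = serialize_allowlist(value, sub)
        elif sub is None and key in row:
            out[key] = value
    return out

def find_leaks(body, path=""):
    """Walk a decoded JSON body and return paths of credential-like fields."""
    hits = []
    if isinstance(body, dict):
        for key, value in body.items():
            here = f"{path}.{key}" if path else key
            if SENSITIVE_KEY.search(key) or (isinstance(value, str) and HASH_VALUE.match(value)):
                hits.append(here)
            else:
                hits.extend(find_leaks(value, here))
    elif isinstance(body, list):
        for i, item in enumerate(body):
            hits.extend(find_leaks(item, f"{path}[{i}]"))
    return hits
```

Asserting `find_leaks(response.json()) == []` for every endpoint in an integration suite catches this class of disclosure before release, including hashes returned under an innocuous key name.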
Reported by: itsmatinx
Report Details
Additional information and metadata
State: Closed
Substate: Resolved
Weakness: Information Disclosure