What This Script Detects
Group Policy Preferences (GPP) Password Disclosure (MITRE ATT&CK T1552.006) scans SYSVOL for XML files containing cpassword attributes. Microsoft published the AES decryption key, making all GPP passwords trivially crackable.
Critical Vulnerability
ANY GPP password found in SYSVOL is compromised. These files are readable by all domain users.