diff --git a/C4/Reports/Guided.pm b/C4/Reports/Guided.pm
index f69804c283..8558666041 100644
--- a/C4/Reports/Guided.pm
+++ b/C4/Reports/Guided.pm
@@ -623,6 +623,13 @@ sub execute_query {
         ->info("Report finished: $report_id") if $report_id;
 
     return ( $sth, { queryerr => $sth->errstr } ) if ( $sth->err );
+
+    foreach my $column ( @{ $sth->{NAME_lc} } ) {
+        if ( $column eq 'password' ) {
+            return ( $sth, { passworderr => $column } );
+        }
+    }
+
     return ($sth);
 }
 
diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/reports/guided_reports_start.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/reports/guided_reports_start.tt
index 9dd38ba53b..ea57844345 100644
--- a/koha-tmpl/intranet-tmpl/prog/en/modules/reports/guided_reports_start.tt
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/reports/guided_reports_start.tt
@@ -1443,6 +1443,10 @@
                                     [% error.queryerr | html %]<br />Please check the log for further details.
                                 [% ELSIF ( error.cache_expiry ) %]
                                     Please select a cache expiry less than 30 days.
+                                [% ELSIF ( error.passworderr ) %]
+                                    The column selection in this report includes a password field.<br>
+                                    The report cannot be executed due to security risks.<br>
+                                    Please edit this report and ensure no password columns have been selected.
                                 [% ELSE %]
                                 [% END %]
                                 <div id="onerror_actions">
diff --git a/svc/report b/svc/report
index e36e913280..b5aa5ddb2a 100755
--- a/svc/report
+++ b/svc/report
@@ -74,7 +74,9 @@ unless ($json_text) {
             report_id  => $report_id,
         }
     );
-    if ($sth) {
+    if ($errors) {
+        $json_text = encode_json($errors);
+    } else {
         my $lines;
         if ($report_annotation) {
             $lines = $sth->fetchall_arrayref({});
@@ -88,9 +90,6 @@ unless ($json_text) {
             $cache->set_in_cache( $cache_key, $json_text, { expiry => $report_rec->cache_expiry } );
         }
     }
-    else {
-        $json_text = encode_json($errors);
-    }
 }
 
 print $query->header(
diff --git a/t/db_dependent/Reports/Guided.t b/t/db_dependent/Reports/Guided.t
index 6fda469ba0..0db1a6295b 100755
--- a/t/db_dependent/Reports/Guided.t
+++ b/t/db_dependent/Reports/Guided.t
@@ -18,7 +18,7 @@
 
 use Modern::Perl;
 
-use Test::More tests => 11;
+use Test::More tests => 12;
 use Test::Warn;
 
 use t::lib::TestBuilder;
@@ -499,6 +499,34 @@ subtest 'nb_rows() tests' => sub {
     $schema->storage->txn_rollback;
 };
 
+subtest 'Returning passwords tests' => sub {
+
+    plan tests => 3;
+
+    my $dbh = C4::Context->dbh;
+    $schema->storage->txn_begin;
+
+    my $query = q{ SELECT * FROM borrowers };
+
+    my ( $sth, $errors ) = execute_query( { sql => $query } );
+
+    is( defined($errors), 1, 'Query returns password field' );
+
+    $query = q{ SELECT * FROM z3950servers };
+
+    ( $sth, $errors ) = execute_query( { sql => $query } );
+
+    is( defined($errors), 1, 'Query returns password field' );
+
+    $query = q{ SELECT password FROM deletedborrowers };
+
+    ( $sth, $errors ) = execute_query( { sql => $query } );
+
+    is( defined($errors), 1, 'Query returns password field' );
+
+    $schema->storage->txn_rollback;
+};
+
 sub trim {
     my ($s) = @_;
     $s =~ s/^\s*(.*?)\s*$/$1/s;