You can use the graph API to retrieve the profile photo.
Refer: https://learn.microsoft.com/en-us/graph/api/profilephoto-get?view=graph-rest-1.0&tabs=http
The profile photo can be retrieved by users with a minimum of "Contacts. Read" Permission. Since it is an internal application, I believe, users are authenticated with Azure AD, and they will be able to call Get profile photo API.
Hope this helps