Hotline Client 1.8.5 stores sensitive user information, including passwords, in plaintext in the bookmarks file, which could allow local users with access to the bookmarks file to gain privileges by extracting the passwords.