AlphaMail before 1.0.16 allows local users to obtain sensitive information via the logging functionality, which displays unencrypted passwords in an error message. NOTE: some details are obtained from third party information.