Emumail, an open source web mail application, may reveal sensitive configuration information under certain conditions. When unexpected characters are inserted into certain fields in web mail forms, the form generates an error. The error page returned may contain the directory to the web root on the Emumail server.