Eugeny Tabby Sends Password Despite Host Key Verification Failure
An issue in Eugeny Tabby 1.0.213 allows a remote attacker to obtain sensitive information via the server and sends the SSH username and password even when the host key verification fails.