Jenkins · Jenkins Gerrit Trigger Plugin · CVE-2019-16551
**Name of the Vulnerable Software and Affected Versions**
Jenkins Gerrit Trigger Plugin versions 2.30.1 and earlier
**Description**
A cross-site request forgery issue allows attackers to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials.
**Recommendations**
For Jenkins Gerrit Trigger Plugin versions 2.30.1 and earlier, update to a version later than 2.30.1 to resolve the issue.