EUVD-2025-209725

Sidekiq-cron thru 2.3.1, an open-source scheduling add-on for Sidekiq, is vulnerable to a cross-site scripting xss vulnerability via crafted URL being rended from cron.erb...

GHSA-XV9C-MJW8-79GF Sidekiq-cron is vulnerable to a cross-site scripting (xss) vulnerability via crafted URL

Sidekiq-cron thru 2.3.1, an open-source scheduling add-on for Sidekiq, is vulnerable to a cross-site scripting xss vulnerability via crafted URL being rended from cron.erb...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the rendering process in cron.erb. An attacker can execute arbitrary JavaScript in the context of the user's browser by supplying a crafted URL. Details Cross-site scripting or XSS is a code vulnerability th...

CVE-2025-67202

CVE-2025-67202 affects Sidekiq-cron up to version 2.3.1. The vulnerability is a cross-site scripting (XSS) flaw triggered by a crafted URL rendered from cron.erb, enabling user-visible script execution in certain contexts. The available sources identify the affected component as the open-source S...

CVE-2025-67202

Sidekiq-cron thru 2.3.1, an open-source scheduling add-on for Sidekiq, is vulnerable to a cross-site scripting xss vulnerability via crafted URL being rended from cron.erb...

PT-2026-38440

Name of the Vulnerable Software and Affected Versions Sidekiq-cron versions prior to 2.3.2 Description Sidekiq-cron, an open-source scheduling add-on for Sidekiq, contains a cross-site scripting XSS flaw. This issue occurs when a crafted URL is rendered from the cron.erb file, allowing an attacke...

CVE-2025-67202

Sidekiq-cron thru 2.3.1, an open-source scheduling add-on for Sidekiq, is vulnerable to a cross-site scripting xss vulnerability via crafted URL being rended from cron.erb...