Lucene search
+L

236 matches found

nuclei
nuclei
added yesterday44 views

Sidekiq <=6.2.0 - Cross-Site Scripting

Sidekiq through 5.1.3 and 6.x through 6.2.0 contains a cross-site scripting vulnerability via the queue name of the live-poll feature when Internet Explorer is used. id: CVE-2021-30151 info: name: Sidekiq =6.2.0 - Cross-Site Scripting author: DhiyaneshDk severity: medium description: Sidekiq...

6.1CVSS6.3AI score0.04158EPSS
Exploits1References5
nuclei
nuclei
added yesterday55 views

Sidekiq < 7.0.8 - Cross-Site Scripting

An XSS vulnerability on a Sidekiq admin panel can pose serious risks to the security and functionality of the system. id: CVE-2023-1892 info: name: Sidekiq 7.0.8 - Cross-Site Scripting author: ritikchaddha,princechaddha severity: critical description: | An XSS vulnerability on a Sidekiq admin pan...

9.6CVSS7AI score0.02742EPSS
Exploits1References3
redhatcve
redhatcve
added 2026/05/18 2:27 p.m.26 views

CVE-2025-67202

A flaw was found in Sidekiq-cron, an open-source scheduling add-on for Sidekiq. A remote attacker could exploit this cross-site scripting XSS vulnerability by injecting malicious scripts into a crafted URL. When this URL is rendered from cron.erb, the attacker's script would execute in the victim...

6.1CVSS5.7AI score0.00194EPSS
Exploits0References5
euvd
euvd
added 2026/05/07 3:38 p.m.19 views

EUVD-2025-209725

Sidekiq-cron thru 2.3.1, an open-source scheduling add-on for Sidekiq, is vulnerable to a cross-site scripting xss vulnerability via crafted URL being rended from cron.erb...

5.6AI score0.00194EPSS
Exploits0References3
osv
osv
added 2026/05/07 3:38 p.m.11 views

GHSA-XV9C-MJW8-79GF Sidekiq-cron is vulnerable to a cross-site scripting (xss) vulnerability via crafted URL

Sidekiq-cron thru 2.3.1, an open-source scheduling add-on for Sidekiq, is vulnerable to a cross-site scripting xss vulnerability via crafted URL being rended from cron.erb...

6.1CVSS5.6AI score0.00194EPSS
Exploits0References7
github
github
added 2026/05/07 3:38 p.m.23 views

Sidekiq-cron is vulnerable to a cross-site scripting (xss) vulnerability via crafted URL

Sidekiq-cron thru 2.3.1, an open-source scheduling add-on for Sidekiq, is vulnerable to a cross-site scripting xss vulnerability via crafted URL being rended from cron.erb...

6.1CVSS5.6AI score0.00194EPSS
Exploits0References7Affected Software1
nvd
nvd
added 2026/05/07 3:16 p.m.15 views

CVE-2025-67202

Sidekiq-cron thru 2.3.1, an open-source scheduling add-on for Sidekiq, is vulnerable to a cross-site scripting xss vulnerability via crafted URL being rended from cron.erb...

6.1CVSS0.00194EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/05/07 12:0 a.m.6 views

CVE-2025-67202

Sidekiq-cron thru 2.3.1, an open-source scheduling add-on for Sidekiq, is vulnerable to a cross-site scripting xss vulnerability via crafted URL being rended from cron.erb...

5.6AI score0.00194EPSS
Exploits0References3
cvelist
cvelist
added 2026/05/07 12:0 a.m.46 views

CVE-2025-67202

Sidekiq-cron thru 2.3.1, an open-source scheduling add-on for Sidekiq, is vulnerable to a cross-site scripting xss vulnerability via crafted URL being rended from cron.erb...

0.00194EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/05/07 12:0 a.m.16 views

PT-2026-38440

Name of the Vulnerable Software and Affected Versions Sidekiq-cron versions prior to 2.3.2 Description Sidekiq-cron, an open-source scheduling add-on for Sidekiq, contains a cross-site scripting XSS flaw. This issue occurs when a crafted URL is rendered from the cron.erb file, allowing an attacke...

6.1CVSS5.7AI score0.00194EPSS
Exploits0References5
cnnvd
cnnvd
added 2026/05/07 12:0 a.m.9 views

sidekiq-cron 安全漏洞

sidekiq-cron is an open-source scheduling plugin for tasks based on Cron expressions. Versions of sidekiq-cron 2.3.1 and earlier contain security vulnerabilities; these vulnerabilities stem from the possibility of cross-site scripting attacks caused by rendering malicious URLs through the cron.er...

6.1CVSS5.7AI score0.00194EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/05/07 12:0 a.m.8 views

CVE-2025-67202

Sidekiq-cron thru 2.3.1, an open-source scheduling add-on for Sidekiq, is vulnerable to a cross-site scripting xss vulnerability via crafted URL being rended from cron.erb...

5.6AI score0.00194EPSS
Exploits0References2
cve
cve
added 2026/05/07 12:0 a.m.13 views

CVE-2025-67202

CVE-2025-67202 affects Sidekiq-cron up to version 2.3.1. The vulnerability is a cross-site scripting (XSS) flaw triggered by a crafted URL rendered from cron.erb, enabling user-visible script execution in certain contexts. The available sources identify the affected component as the open-source S...

6.1CVSS5.6AI score0.00194EPSS
Exploits0References2
osv
osv
added 2026/05/07 12:0 a.m.4 views

CVE-2025-67202

Sidekiq-cron thru 2.3.1, an open-source scheduling add-on for Sidekiq, is vulnerable to a cross-site scripting xss vulnerability via crafted URL being rended from cron.erb...

6.1CVSS5.8AI score0.00194EPSS
Exploits0References4
rubygems
rubygems
added 2026/05/07 12:0 a.m.5 views

Sidekiq-cron is vulnerable to a cross-site scripting (xss) vulnerability via crafted URL

Sidekiq-cron thru 2.3.1, an open-source scheduling add-on for Sidekiq, is vulnerable to a cross-site scripting xss vulnerability via crafted URL being rended from cron.erb...

6.1CVSS5.6AI score0.00194EPSS
Exploits0References1Affected Software1
nessus
nessus
added 2026/04/20 12:0 a.m.4 views

Debian dla-4407 : ruby-sidekiq - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4407 advisory. - ----------------------------------------------------------------------- Debian LTS Advisory DLA-4407-1 [email protected]...

7.5CVSS5.9AI score0.05258EPSS
Exploits2References6
osv
osv
added 2025/12/15 12:0 a.m.6 views

DLA-4407-1 ruby-sidekiq - security update

Bulletin has no description...

7.5CVSS6.9AI score0.05258EPSS
Exploits2
openvas
openvas
added 2025/12/15 12:0 a.m.2 views

Debian: Security Advisory (DLA-4407-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.05258EPSS
Exploits2References2
debian
debian
added 2025/12/14 7:20 p.m.70 views

[SECURITY] [DLA 4407-1] ruby-sidekiq security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-4407-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta December 15, 2025 https://wiki.debian.org/LTS -...

7.5CVSS6.2AI score0.05258EPSS
Exploits2
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-7906

Malware in sbrugna...

9.8CVSS9.3AI score0.02147EPSS
Exploits1References4
Rows per page
Query Builder