Sidekiq-cron thru 2.3.1, an open-source scheduling add-on for Sidekiq, is vulnerable to a cross-site scripting (xss) vulnerability via crafted URL being rended from cron.erb.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Sidekiq-cron |
|
No data.
No data.
OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.
| Vendors | Products |
|---|---|
| Sidekiq-cron |
|
References
History
Thu, 07 May 2026 21:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Sidekiq-cron
Sidekiq-cron sidekiq-cron |
|
| Vendors & Products |
Sidekiq-cron
Sidekiq-cron sidekiq-cron |
Thu, 07 May 2026 16:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Cross‑Site Scripting via Malicious URL Rendering in Sidekiq‑cron | |
| Weaknesses | CWE-79 |
Thu, 07 May 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Sidekiq-cron thru 2.3.1, an open-source scheduling add-on for Sidekiq, is vulnerable to a cross-site scripting (xss) vulnerability via crafted URL being rended from cron.erb. | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2026-05-07T13:54:10.412Z
Reserved: 2025-12-08T00:00:00.000Z
Link: CVE-2025-67202
Vulnrichment
No data.
NVD
Status : Awaiting Analysis
Published: 2026-05-07T15:16:04.947
Modified: 2026-05-07T15:53:49.717
Link: CVE-2025-67202
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-05-07T21:25:17Z