GHSA-xv9c-mjw8-79gfMediumCVSS 6.1

Sidekiq-cron is vulnerable to a cross-site scripting (xss) vulnerability via crafted URL

Published
May 7, 2026
Last Modified
May 29, 2026

🔗 CVE IDs covered (1)

📋 Description

Sidekiq-cron thru 2.3.1, an open-source scheduling add-on for Sidekiq, is vulnerable to a cross-site scripting (xss) vulnerability via crafted URL being rended from cron.erb.

🎯 Affected products1

  • rubygems/sidekiq-cron:< 2.4.0

🔗 References (7)