CVE-2025-67202

ADVISORY - github

Summary

Sidekiq-cron thru 2.3.1, an open-source scheduling add-on for Sidekiq, is vulnerable to a cross-site scripting (xss) vulnerability via crafted URL being rended from cron.erb.

EPSS Score⁠: 0.0001 (0.012)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-79⁠

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

ADVISORY - github

CWE-79⁠

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Impacted images

Advisories

NIST

CREATED

8 days ago

UPDATED

6 days ago

ADVISORY IDCVE-2025-67202⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-79⁠

CVSS SCORE

6.1medium

GitHub

CREATED

7 days ago

UPDATED

2 days ago

ADVISORY IDGHSA-xv9c-mjw8-79gf⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-79⁠

CVSS SCORE

6.1medium