diff --git a/lib/base.php b/lib/base.php
index e3ac3f2ee83ad..4a18bedb8cd3e 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -577,7 +577,9 @@ private static function performSameSiteCookieProtection(\OCP\IConfig $config): v
 			$processingScript = $processingScript[count($processingScript) - 1];
 
 			// index.php routes are handled in the middleware
-			if ($processingScript === 'index.php') {
+			// and cron.php does not need any authentication at all
+			if ($processingScript === 'index.php'
+				|| $processingScript === 'cron.php') {
 				return;
 			}