diff --git a/lib/base.php b/lib/base.php
index 5bab5d9f3f699..53231999e8187 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -517,7 +517,9 @@ private static function performSameSiteCookieProtection(\OCP\IConfig $config): v
 			$processingScript = $processingScript[count($processingScript) - 1];
 
 			// index.php routes are handled in the middleware
-			if ($processingScript === 'index.php') {
+			// and cron.php does not need any authentication at all
+			if ($processingScript === 'index.php'
+				|| $processingScript === 'cron.php') {
 				return;
 			}