Best Practices for Quartz Scheduler : Exposing the Scheduler in Applications
Be Careful of Security
Some users expose Quartz's Scheduler functionality through an application user interface. This can be very useful, though it can also be extremely dangerous.
Be sure you do not mistakenly allow users to define jobs of any type they want, with whatever parameters they choose. For example, Quartz ships with a pre-made job, org.quartz.jobs.NativeJob, which executes whatever native (operating system) command it is configured with. Malicious users could use this to take control of or destroy your system.
Likewise, other jobs such as SendEmailJob, and virtually any other job type, could be used for malicious purposes.
Important:
Be aware that allowing users to define whatever job they want effectively opens your system to all sorts of vulnerabilities, comparable or equivalent to Command Injection attacks as defined by OWASP and MITRE.
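One way to expose scheduling to UI users without letting them name arbitrary job classes is to map a short catalogue key to a fixed allow-list of application-owned Job classes and to validate the parameters per job type. The following is an added example written for this page, not Quartz project code; the SafeJobScheduling class, the NightlyReportJob job, the "nightly-report" key and the "reportId" parameter are hypothetical, while the Quartz API calls (JobBuilder, TriggerBuilder, JobDataMap, StdSchedulerFactory) are the standard Quartz 2.x ones.

```java
import java.util.Map;
import java.util.Set;

import org.quartz.Job;
import org.quartz.JobBuilder;
import org.quartz.JobDataMap;
import org.quartz.JobDetail;
import org.quartz.JobExecutionContext;
import org.quartz.JobExecutionException;
import org.quartz.Scheduler;
import org.quartz.SchedulerException;
import org.quartz.SimpleScheduleBuilder;
import org.quartz.Trigger;
import org.quartz.TriggerBuilder;
import org.quartz.impl.StdSchedulerFactory;

/**
 * Added example (not Quartz project code): a thin service that lets UI users
 * schedule jobs, but only from a fixed allow-list of harmless job classes.
 * The user never names a Java class; they name a catalogue key.
 */
public class SafeJobScheduling {

    // Hypothetical application job: only touches data the application already owns.
    public static class NightlyReportJob implements Job {
        @Override
        public void execute(JobExecutionContext ctx) throws JobExecutionException {
            String reportId = ctx.getMergedJobDataMap().getString("reportId");
            System.out.println("Generating report " + reportId);
        }
    }

    // Allow-list: UI key -> job class. NativeJob, SendEmailJob and the like are
    // deliberately absent, and nothing here calls Class.forName on user input.
    private static final Map<String, Class<? extends Job>> ALLOWED_JOBS =
            Map.of("nightly-report", NightlyReportJob.class);

    // Per job type, the parameter names a user may supply; anything else is rejected.
    private static final Map<String, Set<String>> ALLOWED_PARAMS =
            Map.of("nightly-report", Set.of("reportId"));

    private final Scheduler scheduler;

    public SafeJobScheduling(Scheduler scheduler) {
        this.scheduler = scheduler;
    }

    /** Schedules a job chosen from the catalogue; throws on anything outside it. */
    public void scheduleFromUi(String jobKey, Map<String, String> userParams, int intervalSeconds)
            throws SchedulerException {
        Class<? extends Job> jobClass = ALLOWED_JOBS.get(jobKey);
        if (jobClass == null) {
            throw new IllegalArgumentException("unknown job type: " + jobKey);
        }
        Set<String> allowedParams = ALLOWED_PARAMS.get(jobKey);
        JobDataMap data = new JobDataMap();
        for (Map.Entry<String, String> e : userParams.entrySet()) {
            if (!allowedParams.contains(e.getKey())) {
                throw new IllegalArgumentException("parameter not permitted: " + e.getKey());
            }
            // Constrain values as well: the hypothetical reportId is a short token.
            if (!e.getValue().matches("[A-Za-z0-9_-]{1,64}")) {
                throw new IllegalArgumentException("invalid value for " + e.getKey());
            }
            data.put(e.getKey(), e.getValue());
        }
        // Bound the schedule a user can request so the UI cannot be used to flood the scheduler.
        if (intervalSeconds < 60) {
            throw new IllegalArgumentException("interval too short");
        }

        JobDetail job = JobBuilder.newJob(jobClass)
                .withIdentity(jobKey + "-" + System.nanoTime(), "ui-jobs")
                .usingJobData(data)
                .build();
        Trigger trigger = TriggerBuilder.newTrigger()
                .withIdentity(job.getKey().getName(), "ui-triggers")
                .startNow()
                .withSchedule(SimpleScheduleBuilder.simpleSchedule()
                        .withIntervalInSeconds(intervalSeconds)
                        .repeatForever())
                .build();
        scheduler.scheduleJob(job, trigger);
    }

    public static void main(String[] args) throws SchedulerException {
        Scheduler scheduler = StdSchedulerFactory.getDefaultScheduler();
        scheduler.start();
        SafeJobScheduling service = new SafeJobScheduling(scheduler);

        // Accepted: a catalogued job with a permitted parameter (constructed sample input).
        service.scheduleFromUi("nightly-report", Map.of("reportId", "sales-2016"), 3600);

        // Rejected: the key is not in the catalogue, so a request naming
        // org.quartz.jobs.NativeJob (or any other class) never reaches the scheduler.
        try {
            service.scheduleFromUi("org.quartz.jobs.NativeJob", Map.of("command", "<arbitrary>"), 3600);
        } catch (IllegalArgumentException expected) {
            System.out.println("rejected: " + expected.getMessage());
        }
        scheduler.shutdown(true);
    }
}
```

The point of the design is that the trust boundary sits at the catalogue lookup: the job class, the permitted parameter names and the value format are all decided by the application, and the user's input only selects among them. Keeping every class the UI can reach in one small map also makes the allow-list easy to review when a new job type is added.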
Copyright © 2010-2016 Software AG, Darmstadt, Germany.