Vulnerability Details CVE-2025-15618
Business::OnlinePayment::StoredTransaction versions through 0.01 for Perl uses an insecure secret key.
Business::OnlinePayment::StoredTransaction generates a secret key by using a MD5 hash of a single call to the built-in rand function, which is unsuitable for cryptographic use.
This key is intended for encrypting credit card transaction data.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 15.3%
CVSS Severity
CVSS v3 Score 9.1
References