Headline
CVE-2023-24081: TutorTrac — Redrock Software Corporation
Multiple stored cross-site scripting (XSS) vulnerabilities in Redrock Software TutorTrac before v4.2.170210 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the reason and location fields of the visits listing page.
TutorTrac is the complete management solution developed for the specific needs of learning, writing, tutoring, academic skills and other centers that support students in higher education. As a web-based application, TutorTrac provides on-demand access to essential tools, such as appointment scheduling, logging visits and activity reports. Record contact with students in any physical location or online environment. Find and schedule appointments with tutors based on specific subjects. Track the activity of specific populations of students, such as athletes or first-year students, to identify usage and support needs. Enter attendance for required sessions or workshops. Link activity to course enrollments and faculty. Supply powerful instruments to staff and deliver more services to students, yet simplify the management of your centers with TutorTrac.
TutorTrac Features:
Web-Based Access
Customizable reports
Powerful Search
Campus Portal Support
Automation of Tasks
Custom Emails
Integration with Campus Colors & Logos
High-Level TLS Encryption
Multi-Person Study Table Help
Utilize ID card readers
Testing Center support
Center Specific Preferences
Self-Service Kiosks
Online Scheduling
Online Appointments
Workshop Enrollment & Management
Flag Students
CAS Integration
Surveys & Questionnaires
Supplemental Instruction
Custom Access Levels & Security
Text Notifications
Syncing to Calendars & Online Applications
Collaborative Writing Center Help
Reporting