Comparison Overview

Indiana Virtual Academy merged with Indiana Online

VS

CrossTrainer®

Indiana Virtual Academy merged with Indiana Online

undefined, undefined, undefined, undefined, US
Last Update: 2025-12-03
View Profile
Between 750 and 799
http://www.indianaonline.org

Central Indiana Educational Service Center (CIESC) is pleased to announce the merger between Indiana Virtual Academy (IndVA) and Indiana Online (IO). “This mutually beneficial acquisition will provide enhanced online courses and services to current IndVA clients, while also growing IO’s statewide impact,” says CIESC Executive Director, Dr. Andrew Melin. “This merger makes IO the largest non-profit provider of online services in the state of Indiana.” Indiana Online offers full-time and supplemental online high school courses in partnership with over 300 high schools statewide. All courses are designed to meet the Indiana State Standards, are accredited by Cognia (formerly AdvancED), and approved by the NCAA. See less

NAICS: None
NAICS Definition:
Employees: 1
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

CrossTrainer®

undefined, Warren, RI, 02885, US
Last Update: 2025-12-02
Between 750 and 799
http://www.crosstrainerlearning.com

Welcome to CrossTrainer, an industry-leading eLearning provider founded in 2008. With over a decade of experience, we offer innovative eLearning solutions designed to improve employee performance, drive engagement, and support lifelong learning. We believe in the power of technology to transform the learning experience and provide a comprehensive range of eLearning services, including virtual reality, augmented reality, gamification, and LMS administration. Our team of experts leverages the latest technologies to create dynamic and engaging learning experiences that deliver measurable results. Your employees should be able to access their training anytime, anywhere, ensuring that learning is always within reach. That is why our eLearning solutions are compatible with all devices, including computers, smartphones, and tablets. If you have learning content and you're looking for a partner to help drive employee engagement and skills development through eLearning, augmented reality, virtual reality, gamification, or LMS administration, look no further. Contact us today to learn more about how we can help you achieve your learning and development goals. 2022 Rhode Island Monthly Tech 10 Winner 2018 Providence Business News' Most Innovative Service Provider

NAICS: None
NAICS Definition: Others
Employees: 24
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/indiana-virtual-academy.jpeg
Indiana Virtual Academy merged with Indiana Online
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/crosstrainer-mobile-learning.jpeg
CrossTrainer®
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Indiana Virtual Academy merged with Indiana Online
100%
Compliance Rate
0/4 Standards Verified
CrossTrainer®
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs E-learning Industry Average (This Year)

No incidents recorded for Indiana Virtual Academy merged with Indiana Online in 2025.

Incidents vs E-learning Industry Average (This Year)

No incidents recorded for CrossTrainer® in 2025.

Incident History — Indiana Virtual Academy merged with Indiana Online (X = Date, Y = Severity)

Indiana Virtual Academy merged with Indiana Online cyber incidents detection timeline including parent company and subsidiaries

Incident History — CrossTrainer® (X = Date, Y = Severity)

CrossTrainer® cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/indiana-virtual-academy.jpeg
Indiana Virtual Academy merged with Indiana Online
Incidents

No Incident

https://images.rankiteo.com/companyimages/crosstrainer-mobile-learning.jpeg
CrossTrainer®
Incidents

No Incident

FAQ

Indiana Virtual Academy merged with Indiana Online company demonstrates a stronger AI Cybersecurity Score compared to CrossTrainer® company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Historically, CrossTrainer® company has disclosed a higher number of cyber incidents compared to Indiana Virtual Academy merged with Indiana Online company.

In the current year, CrossTrainer® company and Indiana Virtual Academy merged with Indiana Online company have not reported any cyber incidents.

Neither CrossTrainer® company nor Indiana Virtual Academy merged with Indiana Online company has reported experiencing a ransomware attack publicly.

Neither CrossTrainer® company nor Indiana Virtual Academy merged with Indiana Online company has reported experiencing a data breach publicly.

Neither CrossTrainer® company nor Indiana Virtual Academy merged with Indiana Online company has reported experiencing targeted cyberattacks publicly.

Neither Indiana Virtual Academy merged with Indiana Online company nor CrossTrainer® company has reported experiencing or disclosing vulnerabilities publicly.

Neither Indiana Virtual Academy merged with Indiana Online nor CrossTrainer® holds any compliance certifications.

Neither company holds any compliance certifications.

Neither Indiana Virtual Academy merged with Indiana Online company nor CrossTrainer® company has publicly disclosed detailed information about the number of their subsidiaries.

CrossTrainer® company employs more people globally than Indiana Virtual Academy merged with Indiana Online company, reflecting its scale as a E-learning.

Neither Indiana Virtual Academy merged with Indiana Online nor CrossTrainer® holds SOC 2 Type 1 certification.

Neither Indiana Virtual Academy merged with Indiana Online nor CrossTrainer® holds SOC 2 Type 2 certification.

Neither Indiana Virtual Academy merged with Indiana Online nor CrossTrainer® holds ISO 27001 certification.

Neither Indiana Virtual Academy merged with Indiana Online nor CrossTrainer® holds PCI DSS certification.

Neither Indiana Virtual Academy merged with Indiana Online nor CrossTrainer® holds HIPAA certification.

Neither Indiana Virtual Academy merged with Indiana Online nor CrossTrainer® holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.4, some of HedgeDoc's OAuth2 endpoints for social login providers such as Google, GitHub, GitLab, Facebook or Dropbox lack CSRF protection, since they don't send a state parameter and verify the response using this parameter. This vulnerability is fixed in 1.10.4.

Published
Date
2025-12-05
Updated
Date
2025-12-05
Risk Information
cvss3
Base: 3.7
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
References
Description

Langflow versions up to and including 1.6.9 contain a chained vulnerability that enables account takeover and remote code execution. An overly permissive CORS configuration (allow_origins='*' with allow_credentials=True) combined with a refresh token cookie configured as SameSite=None allows a malicious webpage to perform cross-origin requests that include credentials and successfully call the refresh endpoint. An attacker-controlled origin can therefore obtain fresh access_token / refresh_token pairs for a victim session. Obtained tokens permit access to authenticated endpoints — including built-in code-execution functionality — allowing the attacker to execute arbitrary code and achieve full system compromise.

Published
Date
2025-12-05
Updated
Date
2025-12-05
Risk Information
cvss4
Base: 9.4
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was detected in xerrors Yuxi-Know up to 0.4.0. This vulnerability affects the function OtherEmbedding.aencode of the file /src/models/embed.py. Performing manipulation of the argument health_url results in server-side request forgery. The attack can be initiated remotely. The exploit is now public and may be used. The patch is named 0ff771dc1933d5a6b78f804115e78a7d8625c3f3. To fix this issue, it is recommended to deploy a patch. The vendor responded with a vulnerability confirmation and a list of security measures they have established already (e.g. disabled URL parsing, disabled URL upload mode, removed URL-to-markdown conversion).

Published
Date
2025-12-05
Updated
Date
2025-12-05
Risk Information
cvss2
Base: 5.8
Severity: LOW
AV:N/AC:L/Au:M/C:P/I:P/A:P
cvss3
Base: 4.7
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.1
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security vulnerability has been detected in Rarlab RAR App up to 7.11 Build 127 on Android. This affects an unknown part of the component com.rarlab.rar. Such manipulation leads to path traversal. It is possible to launch the attack remotely. Attacks of this nature are highly complex. It is indicated that the exploitability is difficult. The exploit has been disclosed publicly and may be used. Upgrading to version 7.20 build 128 is able to mitigate this issue. You should upgrade the affected component. The vendor responded very professional: "This is the real vulnerability affecting RAR for Android only. WinRAR and Unix RAR versions are not affected. We already fixed it in RAR for Android 7.20 build 128 and we publicly mentioned it in that version changelog. (...) To avoid confusion among users, it would be useful if such disclosure emphasizes that it is RAR for Android only issue and WinRAR isn't affected."

Published
Date
2025-12-05
Updated
Date
2025-12-05
Risk Information
cvss2
Base: 5.1
Severity: HIGH
AV:N/AC:H/Au:N/C:P/I:P/A:P
cvss3
Base: 5.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
cvss4
Base: 2.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A weakness has been identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this issue is the function zfilev2_api.OpenSafe of the file /v2/file/safe/open of the component HTTP POST Request Handler. This manipulation of the argument safe_dir causes command injection. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-12-05
Updated
Date
2025-12-05
Risk Information
cvss2
Base: 9.0
Severity: LOW
AV:N/AC:L/Au:S/C:C/I:C/A:C
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss4
Base: 7.4
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References