CVE-2026-47106 | Ellucian Banner Self-Service up to 9.41/April T1 getFacultyMeetingTimes API Endpoint cross site scripting

A vulnerability has been found in Ellucian Banner Self-Service up to 9.41/April T1 and classified as problematic. The impacted element is an unknown function of the component getFacultyMeetingTimes API Endpoint. Performing a manipulation of the argument faculty displayName/emailAddress/subjectDescription/courseTitle results in cross site scripting.

This vulnerability is identified as CVE-2026-47106. The attack can be initiated remotely. There is not any exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More