A vulnerability has been found in Ellucian Banner Self-Service up to 9.41/April T1 and classified as problematic . The impacted element is an unknown function of the component getFacultyMeetingTimes API Endpoint . Performing a manipulation of the argument faculty displayName/emailAddress/subjectDescription/courseTitle results in cross site scripting. This vulnerability is identified as CVE-2026-47106 . The attack can be initiated remotely. There is not any exploit available. The affected compone