Lucene search
K

5 matches found

Cvelist
Cvelist
added 2026/06/09 7:15 p.m.30 views

CVE-2026-47106 Ellucian Banner Self-Service Stored XSS via getFacultyMeetingTimes API

Ellucian Banner Self-Service before the April T2 release 2025-04-23 contains a stored cross-site scripting vulnerability in the course search functionality that allows authenticated Banner ERP users to inject malicious payloads into faculty and course fields by exploiting missing HTML encoding...

5.4CVSS0.00196EPSS
Exploits0References3
CVE
CVE
added 2026/06/09 7:15 p.m.16 views

CVE-2026-47106

CVE-2026-47106 affects Ellucian Banner Self-Service prior to the April T2 release. The issue is a stored cross-site scripting (XSS) vulnerability in the course search functionality caused by missing HTML encoding during DOM insertion. Malicious JavaScript can be stored in fields such as faculty d...

5.4CVSS5.6AI score0.00196EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/09 7:14 p.m.8 views

CVE-2026-32856 Ellucian Banner Self-Service Reflected XSS via dateConverter

Ellucian Banner Self-Service before the April T2 release 2025-04-23 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser by injecting unsanitized input through the toDateFormat request parameter in the...

6.1CVSS5.6AI score0.0022EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/09 7:14 p.m.13 views

EUVD-2026-35795

Ellucian Banner Self-Service before the April T2 release 2025-04-23 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser by injecting unsanitized input through the toDateFormat request parameter in the...

6.1CVSS5.6AI score0.0022EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Ellucian Banner Self-Service 跨站脚本漏洞

Ellucian Banner Self-Service is a higher education self-service platform developed by the American company Ellucian. Versions of Ellucian Banner Self-Service prior to 2025-04-23 had a cross-site scripting vulnerability. This vulnerability stemmed from the lack of proper cleaning of the input...

6.1CVSS5.4AI score0.0022EPSS
Exploits0References1
Rows per page
Query Builder