CVE-2022-29969
The RSS extension before 2022-04-29 for MediaWiki allows XSS via an rss element (if the feed is in $wgRSSUrlWhitelist and $wgRSSAllowLinkTag is true).
6.1CVSS
5.9AI Score
0.001EPSS