Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-29969. Reason: This candidate is a duplicate of CVE-2022-29969. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2022-29969 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage

The RSS extension before 2022-04-29 for MediaWiki allows XSS via an rss element (if the feed is in $wgRSSUrlWhitelist and $wgRSSAllowLinkTag is true).