The system messages ob-view-proof, ob-view-no-evidence, and ob-view-evidence are used unescaped: https://github.com/wikimedia/mediawiki-extensions-OpenBadges/blob/a8d210903f0f0df1d3aa630b020576acc1a5e716/includes/specials/BadgesPager.php#L101-L125
Screenshot of XSS:
