The vulnerability CVE-2024-29767 in Wobbie.nl Doneren met Mollie is a reflected cross-site scripting (CWE-79) issue caused by improper input neutralization during web page generation. It affects versions up to 2.10.2 and allows attackers to inject malicious scripts that execute in the context of the victim's browser. The CVSS 3.1 base score is 7.1, with network attack vector, low attack complexity, no privileges required, user interaction required, scope changed, and impacts on confidentiality, integrity, and availability. No vendor-provided patch or official remediation is currently documented.

Successful exploitation of this vulnerability could allow an attacker to execute arbitrary scripts in the context of the affected web application, potentially leading to theft of user credentials, session hijacking, or other malicious actions impacting confidentiality, integrity, and availability. The reflected nature of the XSS requires user interaction to trigger the malicious payload. There are no known active exploits reported.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, users should consider applying input validation or output encoding workarounds if feasible. Monitor vendor channels for updates and avoid exposing vulnerable versions in high-risk environments. No official mitigation or temporary fix is currently documented.