Unspecified vulnerability in the Boost module before 4.7.x-1.0, and 5.x before 5.x-1.0, for Drupal allows remote attackers to create or overwrite arbitrary files, and conduct cross-site scripting attacks (XSS) via unspecified vectors.Referenceshttp://drupal.org/node/180591http://osvdb.org/45493http://osvdb.org/45494https://exchange.xforce.ibmcloud.com/vulnerabilities/36939
