Vulnerability in EPiServer.Forms
I'm getting the following error when trying to access the CMS back office: Unknown server tag 'EPiServerUI:ToolButton'. Instead of the login page I get this error. Haven't faced this issue before so I'm not sure what's the reason of it and how to solve it. I have attached an image which shows the issue I'm getting.
Here are some additional details:
- EPiServer CMS 7.5- IIS 7- .NET Framework 4.5
Could anyone help me with this? Thanks in advance.
EPiServerUI web control tag prefix is defined for "cms" location (or any other directory name where CMS admin interface is defined). Webcontrol tag prefix is defined to be handled by "EPiServer.UI.dll" file. Make sure that this .dll file exists in your application bin directory and app pool user has access to it. Which EPiServer version you are running (7.5 or above)?
Thank you for your answer, Valdis. I can confirm that I have the "EPiServer.UI.dll" file in the bin folder of the website. I can also confirm that the App Pool has the full access rights to the website files (including the bin folder). However, the problem was not up to that, but to the rights on the appdata folder. I had that folder shared on a network location where the App Pool user didn't have the full access rights and therefore this error has been shown. As soon as I copied this folder to my local file system the issue has disappeared.Your answer led me to check the permissions on all the places so I figured out where the problems comes from finally. Thanks again for your help.
If appData folder is located on network share, it's good that your app pool is running under some concrete user that has access other than AppPoolIdentity.