Vulnerability in EPiServer.Forms
I've seen some default page controllers which look more or less like the example in http://blog.huilaaja.net/2014/02/07/episerver-default-controller-to-avoid-dummy-controllers/
Check out this gist for a modified version https://gist.github.com/rbaarda/b2a753f09053411859bbThis modified default controller respects the view locations set in the view engine and uses the page type as controller name. So you don't need to hardcode that view path in the controller anymore.Next to that, you could implement your own view engine and add extra view locations which will be searched as well when using the default controller.I've also made a similar defaultcontroller for blocks including a preview controller.
I thought maybe it could be of use to someone, let me hear what you think.