Vulnerability in EPiServer.Forms
Is it possible to upload media files of type .zip in episerver?If yes, how should the media descriptor then look?
I tried to do the following, but upload fails in the editor:
[MediaDescriptor(ExtensionString = "zip")]
public class ZipFile : MediaData
Try with a small zip to check that it's not the MaxRequestLength setting that messes up...
Normally you want to add a guid to the above as well...
I found that by removing the file extension it was possible, so I guess that's some solution, although it's not a very logical one...
public class GenericFile : MediaData
Hmm strange. Works well with the extensionstring with "zip" for me in a clean CMS 9 solution.