Vulnerability in EPiServer.Forms
I just upgraded to CMS 11.30.1 and Commerce 13.26.0 and now I get this exception when calling ContentRepository.GetReferencesToContent(contentReference, false)
[ArgumentException: An element with the same key already exists in the dictionary.]
System.ThrowHelper.ThrowArgumentException(ExceptionResource resource) +59
System.Collections.Generic.Dictionary`2.Insert(TKey key, TValue value, Boolean add) +675
System.Linq.Enumerable.ToDictionary(IEnumerable`1 source, Func`2 keySelector, Func`2 elementSelector, IEqualityComparer`1 comparer) +334
EPiServer.DataAbstraction.ReferenceInformation.CreateReferenceInformation(DataTable data, ILanguageBranchRepository languageBranchRepository, IPermanentLinkMapper permanentLinkMapper) +3124
EPiServer.Core.Internal.DefaultContentProvider.GetReferencesToContentItems(IEnumerable`1 contentLinks) +181
EPiServer.Core.Internal.<>c__DisplayClass45_0.<GetReferencesToContent>b__0(ContentProvider p) +89
EPiServer.Core.ContentProviderMap.Iterate(Action`1 contentProviderHandler) +144
EPiServer.Core.Internal.DefaultContentRepository.GetReferencesToContent(ContentReference contentLink, IEnumerable`1 descendents, Boolean includeDescendants) +205
Any idea why?
Looks like a new bug introduced in CMS Core 11.20. I will file a bug to CMS Core team (and will move this thread to CMS Forum). Thanks for bringing this into our attention
I cannot find this bug in the buglist but maybe it is not supposed to be seen there?
Yes, the bug needs to be "triaged" by CMS Core team, that is when they decide to fix it (and when), and if it should be public or not (in this case it should, but the description should be reviewed and cleared before making it public)
Any news about this one? We cannot upgrade untils this bug is fixed.
It is in progress but that's it. I ping-ed the developer who is assigned to this bug, we'll see.
Ok, can I find it in the bug list yet?
Not yet, they need to make it public first. Once you can follow it CMS-17307
The bug is now fixed and will be released in 11.20.3 :)