Vulnerability in EPiServer.Forms
We have a custom service that can create draft content using the IContentRepository and some of the content properties are annotated with the [Required] attribute. The service does not always have the content required for those fields and a content editor has to add the missing content before publishing.
We could use the approach described in the article below — however the problem is that the properties should still be required when the user creates content but not when it is created by our service.
When doing it by code you can send in a SkipValidation flag
_contentRepository.Save(IContent, SaveAction.SkipValidation | SaveAction.Publish, AccessLevel.NoAccess);
That should skip the validation for the required attributes if I remember correctly