Vulnerability in EPiServer.Forms
I've encountered this issue on two composer based sites now.
You can check it here, and you'll notice the site is not displaying correctly. This is based on the overlook template.
Looks like the CSS isn't applied properly.
But once you log in, the site would display correctly.
Is there any known issue with this? Encountered this on two sites already so I guess this is not an isolated case.
Looks like you have a <authorization>-element in your web.config that blocks anonymous access to the scripts and style-files. Either fix that or add <location>-elements with separate <authorization>-elements for styles and scripts directories.