Vulnerability in EPiServer.Forms
When we replaced an image in the CMS, we kept seeing an error:
"Timed out, or max file size exceeded"
We investigated all the solutions available online, but nothing worked.
Eventually we decompiled your code and found that an exception is thrown when you try to cast IContentMedia to IContent:
This only happens when we replace an image. Not when we upload a new image.
Steps to reproduce:
Image should upload with no error
Any ideas on a solution?
I can verify that on clean Alloy (v11.7) replace of the image works as expected.
Do you have any custom handlers or anything that might mess around this operation?
We removed all custom handlers and the problem persisted. In the end, we circumvented the issue by adding cache-busting so each image name was unique and avoided the rename issue.