Merge pull request #14680 from projectdiscovery/pussycat0x-patch-8

Create aem-jcr-exposure.yaml

Author: DhiyaneshGeek

http/misconfiguration/aem/aem-jcr-exposure.yaml

@@ -0,0 +1,32 @@
+id: aem-jcr-exposure
+
+info:
+  name: Adobe AEM JCR Compare Exposure
+  author: pussycat0x
+  severity: medium
+  description: |
+    Detected an exposed Adobe AEM JCR compare functionality that was accessible without proper authorization. This exposure may have allowed attackers to infer repository structure or sensitive content through comparison operations.
+  reference:
+    - https://experienceleague.adobe.com/docs/experience-manager-65/administering/security/security-checklist.html
+    - https://medium.com/@vsr061/adobe-experience-manager-security-issues-9b5bd24e0eb0
+  metadata:
+    verified: true
+    max-request: 1
+    shodan-query: http.component:"Adobe Experience Manager"
+  tags: aem,adobe,exposure,misconfiguration,jcr
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/jcr:content.json"
+      - "{{BaseURL}}/etc/replication/agents.author/publish/jcr:content.json"
+
+    stop-at-first-match: true
+
+    matchers:
+      - type: dsl
+        dsl:
+          - status_code == 200
+          - contains(content_type, "application/json")
+          - contains_all(body, "jcr:createdBy", "cq:template")
+        condition: and