diff --git a/misconfiguration/tomcat-cookie-exposed.yaml b/misconfiguration/tomcat-cookie-exposed.yaml
new file mode 100644
index 0000000000..4ae6c116db
--- /dev/null
+++ b/misconfiguration/tomcat-cookie-exposed.yaml
@@ -0,0 +1,28 @@
+id: tomcat-cookie-exposed
+
+info:
+ name: Tomcat Cookie Exposed
+ author: tess,dk999
+ severity: low
+ reference:
+ - https://medium.com/bugbountywriteup/apache-example-servlet-leads-to-61a2720cac20
+ metadata:
+ verified: true
+ tags: misconfig,apache,tomcat,exposure
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/examples/servlets/servlet/CookieExample"
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "Cookies Example"
+ - "Your browser is sending the following cookies:"
+ condition: and
+
+ - type: status
+ status:
+ - 200
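Review bot: The `info` block has no `description` or `remediation`, so a finding from this template gives the triager only a name and a blog link to judge a `low` result by. The matchers show what is actually confirmed: the Tomcat examples servlet at `/examples/servlets/servlet/CookieExample` answers 200 and prints the request's cookies into the page. That is worth stating directly, e.g. `description: The Tomcat example servlet CookieExample is reachable and reflects request cookies in the response body.` and `remediation: Remove the /examples web application from production Tomcat instances or restrict access to it.` The name "Tomcat Cookie Exposed" also reads as if a cookie has leaked, whereas the template only establishes that the example servlet is exposed; something like `Tomcat CookieExample Servlet Exposed` would match the check.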