From 82ee1f47df39d56fe2d44863a6eeef239d71fb30 Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran <leedhiyanesh@gmail.com>
Date: Thu, 1 Sep 2022 17:17:32 +0530
Subject: [PATCH] Create aem-acs-common.yaml

---
 misconfiguration/aem/aem-acs-common.yaml | 32 ++++++++++++++++++++++++
 1 file changed, 32 insertions(+)
 create mode 100644 misconfiguration/aem/aem-acs-common.yaml

diff --git a/misconfiguration/aem/aem-acs-common.yaml b/misconfiguration/aem/aem-acs-common.yaml
new file mode 100644
index 0000000000..ec50a54d12
--- /dev/null
+++ b/misconfiguration/aem/aem-acs-common.yaml
@@ -0,0 +1,32 @@
+id: aem-acs-common
+
+info:
+  name: Adobe AEM ACS Common Exposure
+  author: dhiyaneshDk
+  severity: medium
+  reference:
+    - https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/aem2.txt
+  metadata:
+    shodan-query:
+      - http.title:"AEM Sign In"
+      - http.component:"Adobe Experience Manager"
+  tags: misconfig,aem,adobe
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/etc/acs-commons/jcr-compare.html"
+      - "{{BaseURL}}/etc/acs-commons/workflow-remover.html"
+      - "{{BaseURL}}/etc/acs-commons/version-compare.html"
+      - "{{BaseURL}}/etc/acs-commons/oak-index-manager.html"
+
+    stop-at-first-match: true
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>Version Compare | ACS AEM Commons</title>'
+          - '<title>Oak Index Manager | ACS AEM Commons</title>'
+          - '<title>JCR Compare | ACS AEM Commons</title>'
+          - '<title>Workflow Remover | ACS AEM Commons</title>'
+        condition: or