diff --git a/misconfiguration/aem/aem-childrenlist-xss.yaml b/misconfiguration/aem/aem-childrenlist-xss.yaml
index 15e2670a53..efbb28a5c9 100644
--- a/misconfiguration/aem/aem-childrenlist-xss.yaml
+++ b/misconfiguration/aem/aem-childrenlist-xss.yaml
@@ -21,23 +21,19 @@ requests:
       - "{{BaseURL}}/{{rand_base(4)}}<br><br>please%20authenticate<br><br>.childrenlist.html"
 
     stop-at-first-match: true
-    matchers-condition: or
+    matchers-condition: and
     matchers:
       - type: word
         part: body
-        name: xss
         words:
           - '<img src="x" data onerror="alert(domain)"/>'
-          - 'data-coral-columnview-id'
-        condition: and
+          - '<br /><br />please authenticate<br /><br />'
+        condition: or
 
       - type: word
         part: body
-        name: html_injection
         words:
-          - '<br /><br />please authenticate<br /><br />'
           - 'data-coral-columnview-id'
-        condition: and
 
       - type: word
         part: content_type