id: aem-wcm-suggestions-servlet info: name: AEM WCM Suggestions Servlet author: DhiyaneshDk severity: low reference: - https://speakerdeck.com/0ang3el/hunting-for-security-bugs-in-aem-webapps?slide=96 tags: aem requests: - method: GET path: - '{{BaseURL}}/bin/wcm/contentfinder/connector/suggestions.json;%0aOJh.css?query_term=path%3a/&pre={{randstr}}' matchers-condition: and matchers: - type: status status: - 200 - type: word words: - '{{randstr}}' - '"results":' - '"suggestions":' condition: and