Posts

Showing posts from September, 2024

Pentesting Adobe Experience Manager in 2024

AEM is well-known in bug bounty programs. While Adobe frequently releases new CVEs (though they are mainly undisclosed XSS vulnerabilities) through its private bug bounty program, no new AEM exploits have appeared on the market. However, as pentesters working under NDAs, we still encounter these applications for regular checks, and we must pay close attention to every little detail to produce valuable and interesting reports. Here I describe my approach to AEM pentesting conducted mainly on production hosts. At the time of writing the newest version is 6.5.21.0 with no known CVEs: list.

Google dork for AEMs: inurl:/libs/granite/core

Contents: aem-hacker Testing for SSRF WCM Debug Filter Vulnerable Javascript libraries Information disclosure Files Bypass techniques Reflected XSS (2021) HTML Injection Summary

I will update this post in the future with more examples.

aem-hacker

Always start with the toolset called aem-hacker. Though it was developed 6 years ago and the vulnerab...