Based on CVE reports for AEM security vulnerabilities, AEM should not be vulnerable to unrestricted file uploadhttps://www.cvedetails.com/vulnerability-list/vendor_id-53/product_id-33138/Adobe-Experience-Manager.html

The idea is the same ... there might be some path diff that should be adjusted accordingly. There is no updated document as far as I can tell.

You may want to check the following document:OWASP Top 10 Note: I dont see Unrestricted File Upload listed in OWASP Top Ten

You can exclude specific contents form indexing:How to exclude certain paths of content from being indexed

You may wanna ensure you have the proper user permissions to perform this task. http://host:port/useradmin

The package may include thousands of nodes that can potentially create memory issues.- Do you see any relevant error message in the "error.log" file ? Any Out Of Memory error ?- If so can you increase the allocated heap to AEM by using the proper size in the startup command ?Example: java -jar -Xmx8...

I verified the following packages are created in CRX/DE upon uploading the package:/etc/designs/mfCoral63/apps/mfCoral63/content/mfCoral63/content/dam/mfCoral63- What version of AEM are you running ?- Do you see any error in the "error.log" related to uploading the package ?

This could potentially be due to JSON Max results i.e. json.maximumresults, [1] assuming the query is fine. When this limit is exceeded the rendering will be collapsed. [1] Security Checklist

You can use JCR Query Cheat Sheet [1] to build your query. It might be easier to build a SQL/SQL2 query then you can generate the xpath query from the SQL query in CRX/DE[1] https://wiki.magnolia-cms.com/display/WIKI/JCR+Query+Cheat+Sheet