{"id":282,"date":"2014-08-06T19:05:41","date_gmt":"2014-08-06T19:05:41","guid":{"rendered":"https:\/\/www.xlabs.com.br\/blog\/?p=282"},"modified":"2021-08-25T17:49:24","modified_gmt":"2021-08-25T20:49:24","slug":"cve-2014-8596-php-fusion-sql-injection","status":"publish","type":"post","link":"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8596-php-fusion-sql-injection\/","title":{"rendered":"CVE-2014-8596 PHP-Fusion 7.02.07 – SQL Injection"},"content":{"rendered":"

Conforme os testes de seguran\u00e7a realizados em um CMS (Sistema de gerenciamento de conte\u00fado em portugu\u00eas) chamado PHP-Fusion detectamos a presen\u00e7a de algumas falhas de seguran\u00e7a no painel de administra\u00e7\u00e3o do CMS, conforme os CVE’s s\u00e3o separados por tipos de falhas, registramos dois CVE’s, e este artigo trata-se da exposi\u00e7\u00e3o da falha de SQL Injection, ou comumente chamada de inje\u00e7\u00e3o de comandos SQL.<\/p>\n

A abrang\u00eancia desta vulnerabilidade depende de alguns fatores, como os fatores podem impactar atacantes de obterem acesso imediato ao servidor da aplica\u00e7\u00e3o, devido ao atacante ter de\u00a0obter acesso ao painel de administra\u00e7\u00e3o do website, al\u00e9m da aplica\u00e7\u00e3o de SGBD (MySQL no caso) ter ou n\u00e3o, permiss\u00e3o de escrita nos diret\u00f3rios do Web Server, resolvemos tornar p\u00fablica antes\u00a0da corre\u00e7\u00e3o da falha na aplica\u00e7\u00e3o.<\/p>\n

<\/center><\/p>\n

<\/h4>\n

Descri\u00e7\u00e3o da plataforma segundo o website do fabricante<\/strong><\/h4>\n

PHP-Fusion \u00e9 um sistema Open-Source de gerenciamento de conte\u00fado (CMS) leve escrito em PHP.
\nO PHP-Fusion utiliza um banco de dados MySQL para armazenar o conte\u00fado do site e inclui um sistema de gest\u00e3o simples, por\u00e9m abrangente e completo para gerenciar seus websites.<\/p>\n

Interface web da aplica\u00e7\u00e3o<\/p>\n

\"PHP-Fusion_version\"<\/a><\/p>\n

<\/h4>\n

\"PHP-Fusion_version_other_installation\"<\/a><\/p>\n

<\/h4>\n

A falha de seguran\u00e7a<\/strong><\/h4>\n

# Software:\u00a0PHP-Fusion
\n# Vers\u00e3o: 7.02.07 [Download]<\/a>\u00a0[Download do Fabricante]<\/a>
\n# Empresa:\u00a0PHP-Fusion Inc
\n# Website:\u00a0www.php-fusion.co.uk
\n# Vulnerabilidade:\u00a0SQL Injection (Inje\u00e7\u00f5es de comandos SQL)
\n# CVE:\u00a0CVE-2014-8596
\n# Autor: Mauricio Corr\u00eaa<\/p>\n

<\/h4>\n

GET \/PHP-Fusion\/files\/administration\/submissions.php?action=2&aid=9b23a9871adc75cd&submit_id=1[SQL Injection]<\/strong><\/span>&t=n HTTP\/1.1
\nHost: 192.168.0.105
\nUser-Agent: Mozilla\/5.0 (Windows NT 6.2; WOW64; rv:33.0) Gecko\/20100101 Firefox\/33.0
\nAccept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8
\nAccept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.3
\nAccept-Encoding: gzip, deflate
\nCookie: fusion68fF5_user=1.1414718441.a8ab620bccfcc51e12da05d5ab81734a44f1cabd25f620b17122152bf157283f; fusion68fF5_lastvisit=1414550801; session_id_8000=e987f4ac3b66045a9ce1ee9343c9a619dab98eb9; \u00a0fusion68fF5_visited=yes; has_js=1;
\nConnection: keep-alive<\/p>\n

<\/h4>\n

\"PHP-Fusion_Burp_[SQL<\/a><\/p>\n

<\/h4>\n

============================================================================================<\/p>\n

<\/h4>\n

GET \/PHP-Fusion\/files\/administration\/members.php?aid=9b23a9871adc75cd&status=4[SQL Injection]<\/span><\/strong>\u00a0HTTP\/1.1
\nHost: 192.168.0.105
\nUser-Agent: Mozilla\/5.0 (Windows NT 6.2; WOW64; rv:33.0) Gecko\/20100101 Firefox\/33.0
\nAccept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8
\nAccept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.3
\nAccept-Encoding: gzip, deflate
\nCookie: fusion68fF5_user=1.1414718441.a8ab620bccfcc51e12da05d5ab81734a44f1cabd25f620b17122152bf157283f; fusion68fF5_lastvisit=1414550801; session_id_8000=e987f4ac3b66045a9ce1ee9343c9a619dab98eb9;; fusion68fF5_visited=yes; has_js=1;
\nConnection: keep-alive<\/p>\n

<\/h4>\n

\"PHP-Fusion_[SQL<\/a><\/p>\n

<\/h4>\n

Para a confirma\u00e7\u00e3o da falha, resolvemos fazer novamente o download da aplica\u00e7\u00e3o modificando o servidor (mirror de download), e testamos as mesmas falhas em outra instala\u00e7\u00e3o, conforme podemos ver na imagem a seguir,<\/p>\n

<\/h4>\n

\"PHP-Fusion_Other_installation\"<\/a><\/p>\n

<\/h4>\n

O fabricante do software foi alertado das falhas de seguran\u00e7a, segundo postagens em um F\u00f3rum oficial do PHP-Fusion uma poss\u00edvel corre\u00e7\u00e3o pode ser encontrada aqui: https:\/\/www.php-fusion.co.uk\/forum\/viewthread.php?thread_id=35600<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Conforme os testes de seguran\u00e7a realizados em um CMS (Sistema de gerenciamento de conte\u00fado em portugu\u00eas) chamado PHP-Fusion detectamos a presen\u00e7a de algumas falhas de seguran\u00e7a no painel de administra\u00e7\u00e3o do CMS, conforme os CVE’s s\u00e3o separados por tipos de falhas, registramos dois CVE’s, e este artigo trata-se da exposi\u00e7\u00e3o da falha de SQL Injection, […]<\/p>\n","protected":false},"author":1,"featured_media":1561,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[61],"tags":[73,75,76],"yoast_head":"\nCVE-2014-8596 PHP-Fusion - SQL Injection – XLabs Security Blog<\/title>\n<meta name=\"description\" content=\"Conforme os testes de seguran\u00e7a realizados no PHP-Fusion, detectamos a presen\u00e7a de algumas falhas e registramos dois CVE s...\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8596-php-fusion-sql-injection\/\" \/>\n<meta property=\"og:locale\" content=\"pt_BR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CVE-2014-8596 PHP-Fusion - SQL Injection – XLabs Security Blog\" \/>\n<meta property=\"og:description\" content=\"Conforme os testes de seguran\u00e7a realizados em um CMS (Sistema de gerenciamento de conte\u00fado em portugu\u00eas) chamado PHP-Fusion detectamos a presen\u00e7a de algumas falhas de seguran\u00e7a no painel de administra\u00e7\u00e3o do CMS, conforme os CVE's s\u00e3o separados por tipos de falhas, registramos dois CVE's, e este artigo trata-se da exposi\u00e7\u00e3o da falha de SQL Injection, ou comumente chamada de inje\u00e7\u00e3o de comandos SQL.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8596-php-fusion-sql-injection\/\" \/>\n<meta property=\"og:site_name\" content=\"XLabs Security Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/xlabs\" \/>\n<meta property=\"article:published_time\" content=\"2014-08-06T19:05:41+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-08-25T20:49:24+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.xlabs.com.br\/blog\/wp-content\/uploads\/2014\/08\/php-fusion-7-02-07-sql-injection-blog-post-xlabs.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1000\" \/>\n\t<meta property=\"og:image:height\" content=\"488\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Mauricio Corr\u00eaa\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"CVE-2014-8596 PHP-Fusion - SQL Injection – XLabs Security Blog\" \/>\n<meta name=\"twitter:description\" content=\"Conforme os testes de seguran\u00e7a realizados em um CMS (Sistema de gerenciamento de conte\u00fado em portugu\u00eas) chamado PHP-Fusion detectamos a presen\u00e7a de algumas falhas de seguran\u00e7a no painel de administra\u00e7\u00e3o do CMS, conforme os CVE's s\u00e3o separados por tipos de falhas, registramos dois CVE's, e este artigo trata-se da exposi\u00e7\u00e3o da falha de SQL Injection, ou comumente chamada de inje\u00e7\u00e3o de comandos SQL.\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/www.xlabs.com.br\/blog\/wp-content\/uploads\/2014\/08\/php-fusion-7-02-07-sql-injection-blog-post-xlabs.png\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"Mauricio Corr\u00eaa\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. tempo de leitura\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8596-php-fusion-sql-injection\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8596-php-fusion-sql-injection\/\"},\"author\":{\"name\":\"Mauricio Corr\u00eaa\",\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/#\/schema\/person\/7d0839d8f5b967c3daa45aa01f3fdd3d\"},\"headline\":\"CVE-2014-8596 PHP-Fusion 7.02.07 – SQL Injection\",\"datePublished\":\"2014-08-06T19:05:41+00:00\",\"dateModified\":\"2021-08-25T20:49:24+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8596-php-fusion-sql-injection\/\"},\"wordCount\":508,\"publisher\":{\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/#organization\"},\"keywords\":[\"CVE-2014-8596\",\"PHP-Fusion\",\"SQL Injection\"],\"articleSection\":[\"Falhas de Seguran\u00e7a\"],\"inLanguage\":\"pt-BR\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8596-php-fusion-sql-injection\/\",\"url\":\"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8596-php-fusion-sql-injection\/\",\"name\":\"CVE-2014-8596 PHP-Fusion - SQL Injection – XLabs Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/#website\"},\"datePublished\":\"2014-08-06T19:05:41+00:00\",\"dateModified\":\"2021-08-25T20:49:24+00:00\",\"description\":\"Conforme os testes de seguran\u00e7a realizados no PHP-Fusion, detectamos a presen\u00e7a de algumas falhas e registramos dois CVE s...\",\"breadcrumb\":{\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8596-php-fusion-sql-injection\/#breadcrumb\"},\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8596-php-fusion-sql-injection\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8596-php-fusion-sql-injection\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"In\u00edcio\",\"item\":\"https:\/\/www.xlabs.com.br\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CVE-2014-8596 PHP-Fusion 7.02.07 – SQL Injection\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/#website\",\"url\":\"https:\/\/www.xlabs.com.br\/blog\/\",\"name\":\"XLabs Security Blog\",\"description\":\"Seguran\u00e7a da Informa\u00e7\u00e3o\",\"publisher\":{\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.xlabs.com.br\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"pt-BR\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/#organization\",\"name\":\"XLabs Security\",\"url\":\"https:\/\/www.xlabs.com.br\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.xlabs.com.br\/blog\/wp-content\/uploads\/2020\/11\/Logotipo.png\",\"contentUrl\":\"https:\/\/www.xlabs.com.br\/blog\/wp-content\/uploads\/2020\/11\/Logotipo.png\",\"width\":478,\"height\":168,\"caption\":\"XLabs Security\"},\"image\":{\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.instagram.com\/xlabs.security\",\"https:\/\/www.linkedin.com\/company\/xlabs-security\/\",\"https:\/\/www.youtube.com\/channel\/UCPbGDmCQI7_UcAPmvVLi58g?view_as=subscriber\",\"https:\/\/www.facebook.com\/xlabs\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/#\/schema\/person\/7d0839d8f5b967c3daa45aa01f3fdd3d\",\"name\":\"Mauricio Corr\u00eaa\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f0734e5fb6afc04d038e66cae478a8a0?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f0734e5fb6afc04d038e66cae478a8a0?s=96&d=mm&r=g\",\"caption\":\"Mauricio Corr\u00eaa\"},\"url\":\"https:\/\/www.xlabs.com.br\/blog\/author\/mauricio-correa\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CVE-2014-8596 PHP-Fusion - SQL Injection – XLabs Security Blog","description":"Conforme os testes de seguran\u00e7a realizados no PHP-Fusion, detectamos a presen\u00e7a de algumas falhas e registramos dois CVE s...","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8596-php-fusion-sql-injection\/","og_locale":"pt_BR","og_type":"article","og_title":"CVE-2014-8596 PHP-Fusion - SQL Injection – XLabs Security Blog","og_description":"Conforme os testes de seguran\u00e7a realizados em um CMS (Sistema de gerenciamento de conte\u00fado em portugu\u00eas) chamado PHP-Fusion detectamos a presen\u00e7a de algumas falhas de seguran\u00e7a no painel de administra\u00e7\u00e3o do CMS, conforme os CVE's s\u00e3o separados por tipos de falhas, registramos dois CVE's, e este artigo trata-se da exposi\u00e7\u00e3o da falha de SQL Injection, ou comumente chamada de inje\u00e7\u00e3o de comandos SQL.","og_url":"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8596-php-fusion-sql-injection\/","og_site_name":"XLabs Security Blog","article_publisher":"https:\/\/www.facebook.com\/xlabs","article_published_time":"2014-08-06T19:05:41+00:00","article_modified_time":"2021-08-25T20:49:24+00:00","og_image":[{"width":1000,"height":488,"url":"https:\/\/www.xlabs.com.br\/blog\/wp-content\/uploads\/2014\/08\/php-fusion-7-02-07-sql-injection-blog-post-xlabs.png","type":"image\/png"}],"author":"Mauricio Corr\u00eaa","twitter_card":"summary_large_image","twitter_title":"CVE-2014-8596 PHP-Fusion - SQL Injection – XLabs Security Blog","twitter_description":"Conforme os testes de seguran\u00e7a realizados em um CMS (Sistema de gerenciamento de conte\u00fado em portugu\u00eas) chamado PHP-Fusion detectamos a presen\u00e7a de algumas falhas de seguran\u00e7a no painel de administra\u00e7\u00e3o do CMS, conforme os CVE's s\u00e3o separados por tipos de falhas, registramos dois CVE's, e este artigo trata-se da exposi\u00e7\u00e3o da falha de SQL Injection, ou comumente chamada de inje\u00e7\u00e3o de comandos SQL.","twitter_image":"https:\/\/www.xlabs.com.br\/blog\/wp-content\/uploads\/2014\/08\/php-fusion-7-02-07-sql-injection-blog-post-xlabs.png","twitter_misc":{"Escrito por":"Mauricio Corr\u00eaa","Est. tempo de leitura":"3 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8596-php-fusion-sql-injection\/#article","isPartOf":{"@id":"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8596-php-fusion-sql-injection\/"},"author":{"name":"Mauricio Corr\u00eaa","@id":"https:\/\/www.xlabs.com.br\/blog\/#\/schema\/person\/7d0839d8f5b967c3daa45aa01f3fdd3d"},"headline":"CVE-2014-8596 PHP-Fusion 7.02.07 – SQL Injection","datePublished":"2014-08-06T19:05:41+00:00","dateModified":"2021-08-25T20:49:24+00:00","mainEntityOfPage":{"@id":"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8596-php-fusion-sql-injection\/"},"wordCount":508,"publisher":{"@id":"https:\/\/www.xlabs.com.br\/blog\/#organization"},"keywords":["CVE-2014-8596","PHP-Fusion","SQL Injection"],"articleSection":["Falhas de Seguran\u00e7a"],"inLanguage":"pt-BR"},{"@type":"WebPage","@id":"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8596-php-fusion-sql-injection\/","url":"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8596-php-fusion-sql-injection\/","name":"CVE-2014-8596 PHP-Fusion - SQL Injection – XLabs Security Blog","isPartOf":{"@id":"https:\/\/www.xlabs.com.br\/blog\/#website"},"datePublished":"2014-08-06T19:05:41+00:00","dateModified":"2021-08-25T20:49:24+00:00","description":"Conforme os testes de seguran\u00e7a realizados no PHP-Fusion, detectamos a presen\u00e7a de algumas falhas e registramos dois CVE s...","breadcrumb":{"@id":"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8596-php-fusion-sql-injection\/#breadcrumb"},"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.xlabs.com.br\/blog\/cve-2014-8596-php-fusion-sql-injection\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8596-php-fusion-sql-injection\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"In\u00edcio","item":"https:\/\/www.xlabs.com.br\/blog\/"},{"@type":"ListItem","position":2,"name":"CVE-2014-8596 PHP-Fusion 7.02.07 – SQL Injection"}]},{"@type":"WebSite","@id":"https:\/\/www.xlabs.com.br\/blog\/#website","url":"https:\/\/www.xlabs.com.br\/blog\/","name":"XLabs Security Blog","description":"Seguran\u00e7a da Informa\u00e7\u00e3o","publisher":{"@id":"https:\/\/www.xlabs.com.br\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.xlabs.com.br\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"https:\/\/www.xlabs.com.br\/blog\/#organization","name":"XLabs Security","url":"https:\/\/www.xlabs.com.br\/blog\/","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/www.xlabs.com.br\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.xlabs.com.br\/blog\/wp-content\/uploads\/2020\/11\/Logotipo.png","contentUrl":"https:\/\/www.xlabs.com.br\/blog\/wp-content\/uploads\/2020\/11\/Logotipo.png","width":478,"height":168,"caption":"XLabs Security"},"image":{"@id":"https:\/\/www.xlabs.com.br\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.instagram.com\/xlabs.security","https:\/\/www.linkedin.com\/company\/xlabs-security\/","https:\/\/www.youtube.com\/channel\/UCPbGDmCQI7_UcAPmvVLi58g?view_as=subscriber","https:\/\/www.facebook.com\/xlabs"]},{"@type":"Person","@id":"https:\/\/www.xlabs.com.br\/blog\/#\/schema\/person\/7d0839d8f5b967c3daa45aa01f3fdd3d","name":"Mauricio Corr\u00eaa","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/www.xlabs.com.br\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/f0734e5fb6afc04d038e66cae478a8a0?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f0734e5fb6afc04d038e66cae478a8a0?s=96&d=mm&r=g","caption":"Mauricio Corr\u00eaa"},"url":"https:\/\/www.xlabs.com.br\/blog\/author\/mauricio-correa\/"}]}},"_links":{"self":[{"href":"https:\/\/www.xlabs.com.br\/blog\/wp-json\/wp\/v2\/posts\/282"}],"collection":[{"href":"https:\/\/www.xlabs.com.br\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.xlabs.com.br\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.xlabs.com.br\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.xlabs.com.br\/blog\/wp-json\/wp\/v2\/comments?post=282"}],"version-history":[{"count":16,"href":"https:\/\/www.xlabs.com.br\/blog\/wp-json\/wp\/v2\/posts\/282\/revisions"}],"predecessor-version":[{"id":1564,"href":"https:\/\/www.xlabs.com.br\/blog\/wp-json\/wp\/v2\/posts\/282\/revisions\/1564"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.xlabs.com.br\/blog\/wp-json\/wp\/v2\/media\/1561"}],"wp:attachment":[{"href":"https:\/\/www.xlabs.com.br\/blog\/wp-json\/wp\/v2\/media?parent=282"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.xlabs.com.br\/blog\/wp-json\/wp\/v2\/categories?post=282"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.xlabs.com.br\/blog\/wp-json\/wp\/v2\/tags?post=282"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}