{"id":292,"date":"2014-08-06T19:51:09","date_gmt":"2014-08-06T19:51:09","guid":{"rendered":"https:\/\/www.xlabs.com.br\/blog\/?p=292"},"modified":"2021-08-25T17:48:32","modified_gmt":"2021-08-25T20:48:32","slug":"cve-2014-8597-php-fusion-xss-injection-reflected","status":"publish","type":"post","link":"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8597-php-fusion-xss-injection-reflected\/","title":{"rendered":"CVE-2014-8597 PHP-Fusion 7.02.07 – XSS Injection (Reflected)"},"content":{"rendered":"

Conforme os testes de seguran\u00e7a realizados em um CMS(Sistema de gerenciamento de conte\u00fado em portugu\u00eas) chamado PHP-Fusion detectamos a presen\u00e7a de algumas falhas de seguran\u00e7a no painel de administra\u00e7\u00e3o do CMS, conforme os CVE\u2019s s\u00e3o separados por tipos de falhas, registramos dois CVE\u2019s, e este artigo trata-se de uma exposi\u00e7\u00e3o da falha de XSS Injection, ou comumente chamada de Cross Site Scripting.<\/p>\n

A abrang\u00eancia desta vulnerabilidade depende de alguns fatores, como os fatores podem impactar atacantes de obterem acesso imediato ao servidor da aplica\u00e7\u00e3o, devido ao atacante ter de obter acesso ao painel de administra\u00e7\u00e3o do website, resolvemos tornar p\u00fablica antes da corre\u00e7\u00e3o da falha na aplica\u00e7\u00e3o, por\u00e9m ressaltamos que esta falha pode permitir o roubo de sess\u00e3o de um administrador via engenharia social, em conjunto com o CVE-2014-8596 pode resultar em poss\u00edveis execu\u00e7\u00f5es de comandos no servidor (confirmado esta possibilidade).<\/p>\n

<\/h4>\n

Descri\u00e7\u00e3o da plataforma segundo o website do fabricante<\/strong><\/h4>\n

PHP-Fusion \u00e9 um sistema Open-Source de gerenciamento de conte\u00fado (CMS) leve escrito em PHP.
\nO PHP-Fusion utiliza um banco de dados MySQL para armazenar o conte\u00fado do site e inclui um sistema de gest\u00e3o simples, por\u00e9m abrangente e completo para gerenciar seus websites.<\/p>\n

Interface web da aplica\u00e7\u00e3o<\/p>\n

\"PHP-Fusion_version\"<\/a><\/p>\n

<\/h4>\n

\"PHP-Fusion_version_other_installation\"<\/a><\/p>\n

<\/h4>\n

A falha de seguran\u00e7a<\/strong><\/h4>\n

# Software: PHP-Fusion
\n# Vers\u00e3o: 7.02.07 [Download]<\/a> [Download do Fabricante]<\/a>
\n# Empresa: PHP-Fusion Inc
\n# Website: www.php-fusion.co.uk
\n# Vulnerabilidade: XSS Injection (Cross Site Scripting)
\n# CVE: CVE-2014-8597
\n# Autor: Mauricio Corr\u00eaa<\/p>\n

<\/h4>\n

GET \/PHP-Fusion\/files\/administration\/members.php?aid=9b23a9871adc75cd&status=4[XSS Injection]<\/strong> HTTP\/1.1
\nHost: 192.168.0.105
\nUser-Agent: Mozilla\/5.0 (Windows NT 6.2; WOW64; rv:33.0) Gecko\/20100101 Firefox\/33.0
\nAccept: text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8
\nAccept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.3
\nAccept-Encoding: gzip, deflate
\nCookie: fusion68fF5_user=1.1414718441.a8ab620bccfcc51e12da05d5ab81734a44f1cabd25f620b17122152bf157283f; fusion68fF5_lastvisit=1414550801; session_id_8000=e987f4ac3b66045a9ce1ee9343c9a619dab98eb9;; fusion68fF5_visited=yes; has_js=1;
\nConnection: keep-alive<\/p>\n

<\/h4>\n

\"PHP-Fusion_[XSS<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Conforme os testes de seguran\u00e7a realizados em um CMS(Sistema de gerenciamento de conte\u00fado em portugu\u00eas) chamado PHP-Fusion detectamos a presen\u00e7a de algumas falhas de seguran\u00e7a no painel de administra\u00e7\u00e3o do CMS, conforme os CVE\u2019s s\u00e3o separados por tipos de falhas, registramos dois CVE\u2019s, e este artigo trata-se de uma exposi\u00e7\u00e3o da falha de XSS Injection, […]<\/p>\n","protected":false},"author":1,"featured_media":1566,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[61],"tags":[42,82,75,41],"yoast_head":"\nCVE-2014-8597 PHP-Fusion - XSS Injection – XLabs Security Blog<\/title>\n<meta name=\"description\" content=\"Conforme os testes de seguran\u00e7a realizados no PHP-Fusion, detectamos a presen\u00e7a de algumas falhas e registramos dois CVE s...\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8597-php-fusion-xss-injection-reflected\/\" \/>\n<meta property=\"og:locale\" content=\"pt_BR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CVE-2014-8597 PHP-Fusion - XSS Injection – XLabs Security Blog\" \/>\n<meta property=\"og:description\" content=\"Conforme os testes de seguran\u00e7a realizados em um CMS(Sistema de gerenciamento de conte\u00fado em portugu\u00eas) chamado PHP-Fusion detectamos a presen\u00e7a de algumas falhas de seguran\u00e7a no painel de administra\u00e7\u00e3o do CMS, conforme os CVE\u2019s s\u00e3o separados por tipos de falhas, registramos dois CVE\u2019s, e este artigo trata-se de uma exposi\u00e7\u00e3o da falha de XSS Injection, ou comumente chamada de Cross Site Scripting.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8597-php-fusion-xss-injection-reflected\/\" \/>\n<meta property=\"og:site_name\" content=\"XLabs Security Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/xlabs\" \/>\n<meta property=\"article:published_time\" content=\"2014-08-06T19:51:09+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-08-25T20:48:32+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.xlabs.com.br\/blog\/wp-content\/uploads\/2014\/08\/php-fusion-7-02-07-xss-injection-reflected-blog-post-xlabs.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1000\" \/>\n\t<meta property=\"og:image:height\" content=\"488\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Mauricio Corr\u00eaa\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"CVE-2014-8597 PHP-Fusion - XSS Injection – XLabs Security Blog\" \/>\n<meta name=\"twitter:description\" content=\"Conforme os testes de seguran\u00e7a realizados em um CMS(Sistema de gerenciamento de conte\u00fado em portugu\u00eas) chamado PHP-Fusion detectamos a presen\u00e7a de algumas falhas de seguran\u00e7a no painel de administra\u00e7\u00e3o do CMS, conforme os CVE\u2019s s\u00e3o separados por tipos de falhas, registramos dois CVE\u2019s, e este artigo trata-se de uma exposi\u00e7\u00e3o da falha de XSS Injection, ou comumente chamada de Cross Site Scripting.\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/www.xlabs.com.br\/blog\/wp-content\/uploads\/2014\/08\/php-fusion-7-02-07-xss-injection-reflected-blog-post-xlabs.png\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"Mauricio Corr\u00eaa\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. tempo de leitura\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8597-php-fusion-xss-injection-reflected\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8597-php-fusion-xss-injection-reflected\/\"},\"author\":{\"name\":\"Mauricio Corr\u00eaa\",\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/#\/schema\/person\/7d0839d8f5b967c3daa45aa01f3fdd3d\"},\"headline\":\"CVE-2014-8597 PHP-Fusion 7.02.07 – XSS Injection (Reflected)\",\"datePublished\":\"2014-08-06T19:51:09+00:00\",\"dateModified\":\"2021-08-25T20:48:32+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8597-php-fusion-xss-injection-reflected\/\"},\"wordCount\":362,\"publisher\":{\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/#organization\"},\"keywords\":[\"Cross Site Scripting\",\"CVE-2014-8597\",\"PHP-Fusion\",\"XSS Injection\"],\"articleSection\":[\"Falhas de Seguran\u00e7a\"],\"inLanguage\":\"pt-BR\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8597-php-fusion-xss-injection-reflected\/\",\"url\":\"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8597-php-fusion-xss-injection-reflected\/\",\"name\":\"CVE-2014-8597 PHP-Fusion - XSS Injection – XLabs Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/#website\"},\"datePublished\":\"2014-08-06T19:51:09+00:00\",\"dateModified\":\"2021-08-25T20:48:32+00:00\",\"description\":\"Conforme os testes de seguran\u00e7a realizados no PHP-Fusion, detectamos a presen\u00e7a de algumas falhas e registramos dois CVE s...\",\"breadcrumb\":{\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8597-php-fusion-xss-injection-reflected\/#breadcrumb\"},\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8597-php-fusion-xss-injection-reflected\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8597-php-fusion-xss-injection-reflected\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"In\u00edcio\",\"item\":\"https:\/\/www.xlabs.com.br\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CVE-2014-8597 PHP-Fusion 7.02.07 – XSS Injection (Reflected)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/#website\",\"url\":\"https:\/\/www.xlabs.com.br\/blog\/\",\"name\":\"XLabs Security Blog\",\"description\":\"Seguran\u00e7a da Informa\u00e7\u00e3o\",\"publisher\":{\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.xlabs.com.br\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"pt-BR\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/#organization\",\"name\":\"XLabs Security\",\"url\":\"https:\/\/www.xlabs.com.br\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.xlabs.com.br\/blog\/wp-content\/uploads\/2020\/11\/Logotipo.png\",\"contentUrl\":\"https:\/\/www.xlabs.com.br\/blog\/wp-content\/uploads\/2020\/11\/Logotipo.png\",\"width\":478,\"height\":168,\"caption\":\"XLabs Security\"},\"image\":{\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.instagram.com\/xlabs.security\",\"https:\/\/www.linkedin.com\/company\/xlabs-security\/\",\"https:\/\/www.youtube.com\/channel\/UCPbGDmCQI7_UcAPmvVLi58g?view_as=subscriber\",\"https:\/\/www.facebook.com\/xlabs\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/#\/schema\/person\/7d0839d8f5b967c3daa45aa01f3fdd3d\",\"name\":\"Mauricio Corr\u00eaa\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\/\/www.xlabs.com.br\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f0734e5fb6afc04d038e66cae478a8a0?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f0734e5fb6afc04d038e66cae478a8a0?s=96&d=mm&r=g\",\"caption\":\"Mauricio Corr\u00eaa\"},\"url\":\"https:\/\/www.xlabs.com.br\/blog\/author\/mauricio-correa\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CVE-2014-8597 PHP-Fusion - XSS Injection – XLabs Security Blog","description":"Conforme os testes de seguran\u00e7a realizados no PHP-Fusion, detectamos a presen\u00e7a de algumas falhas e registramos dois CVE s...","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8597-php-fusion-xss-injection-reflected\/","og_locale":"pt_BR","og_type":"article","og_title":"CVE-2014-8597 PHP-Fusion - XSS Injection – XLabs Security Blog","og_description":"Conforme os testes de seguran\u00e7a realizados em um CMS(Sistema de gerenciamento de conte\u00fado em portugu\u00eas) chamado PHP-Fusion detectamos a presen\u00e7a de algumas falhas de seguran\u00e7a no painel de administra\u00e7\u00e3o do CMS, conforme os CVE\u2019s s\u00e3o separados por tipos de falhas, registramos dois CVE\u2019s, e este artigo trata-se de uma exposi\u00e7\u00e3o da falha de XSS Injection, ou comumente chamada de Cross Site Scripting.","og_url":"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8597-php-fusion-xss-injection-reflected\/","og_site_name":"XLabs Security Blog","article_publisher":"https:\/\/www.facebook.com\/xlabs","article_published_time":"2014-08-06T19:51:09+00:00","article_modified_time":"2021-08-25T20:48:32+00:00","og_image":[{"width":1000,"height":488,"url":"https:\/\/www.xlabs.com.br\/blog\/wp-content\/uploads\/2014\/08\/php-fusion-7-02-07-xss-injection-reflected-blog-post-xlabs.png","type":"image\/png"}],"author":"Mauricio Corr\u00eaa","twitter_card":"summary_large_image","twitter_title":"CVE-2014-8597 PHP-Fusion - XSS Injection – XLabs Security Blog","twitter_description":"Conforme os testes de seguran\u00e7a realizados em um CMS(Sistema de gerenciamento de conte\u00fado em portugu\u00eas) chamado PHP-Fusion detectamos a presen\u00e7a de algumas falhas de seguran\u00e7a no painel de administra\u00e7\u00e3o do CMS, conforme os CVE\u2019s s\u00e3o separados por tipos de falhas, registramos dois CVE\u2019s, e este artigo trata-se de uma exposi\u00e7\u00e3o da falha de XSS Injection, ou comumente chamada de Cross Site Scripting.","twitter_image":"https:\/\/www.xlabs.com.br\/blog\/wp-content\/uploads\/2014\/08\/php-fusion-7-02-07-xss-injection-reflected-blog-post-xlabs.png","twitter_misc":{"Escrito por":"Mauricio Corr\u00eaa","Est. tempo de leitura":"2 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8597-php-fusion-xss-injection-reflected\/#article","isPartOf":{"@id":"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8597-php-fusion-xss-injection-reflected\/"},"author":{"name":"Mauricio Corr\u00eaa","@id":"https:\/\/www.xlabs.com.br\/blog\/#\/schema\/person\/7d0839d8f5b967c3daa45aa01f3fdd3d"},"headline":"CVE-2014-8597 PHP-Fusion 7.02.07 – XSS Injection (Reflected)","datePublished":"2014-08-06T19:51:09+00:00","dateModified":"2021-08-25T20:48:32+00:00","mainEntityOfPage":{"@id":"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8597-php-fusion-xss-injection-reflected\/"},"wordCount":362,"publisher":{"@id":"https:\/\/www.xlabs.com.br\/blog\/#organization"},"keywords":["Cross Site Scripting","CVE-2014-8597","PHP-Fusion","XSS Injection"],"articleSection":["Falhas de Seguran\u00e7a"],"inLanguage":"pt-BR"},{"@type":"WebPage","@id":"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8597-php-fusion-xss-injection-reflected\/","url":"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8597-php-fusion-xss-injection-reflected\/","name":"CVE-2014-8597 PHP-Fusion - XSS Injection – XLabs Security Blog","isPartOf":{"@id":"https:\/\/www.xlabs.com.br\/blog\/#website"},"datePublished":"2014-08-06T19:51:09+00:00","dateModified":"2021-08-25T20:48:32+00:00","description":"Conforme os testes de seguran\u00e7a realizados no PHP-Fusion, detectamos a presen\u00e7a de algumas falhas e registramos dois CVE s...","breadcrumb":{"@id":"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8597-php-fusion-xss-injection-reflected\/#breadcrumb"},"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.xlabs.com.br\/blog\/cve-2014-8597-php-fusion-xss-injection-reflected\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.xlabs.com.br\/blog\/cve-2014-8597-php-fusion-xss-injection-reflected\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"In\u00edcio","item":"https:\/\/www.xlabs.com.br\/blog\/"},{"@type":"ListItem","position":2,"name":"CVE-2014-8597 PHP-Fusion 7.02.07 – XSS Injection (Reflected)"}]},{"@type":"WebSite","@id":"https:\/\/www.xlabs.com.br\/blog\/#website","url":"https:\/\/www.xlabs.com.br\/blog\/","name":"XLabs Security Blog","description":"Seguran\u00e7a da Informa\u00e7\u00e3o","publisher":{"@id":"https:\/\/www.xlabs.com.br\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.xlabs.com.br\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"https:\/\/www.xlabs.com.br\/blog\/#organization","name":"XLabs Security","url":"https:\/\/www.xlabs.com.br\/blog\/","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/www.xlabs.com.br\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.xlabs.com.br\/blog\/wp-content\/uploads\/2020\/11\/Logotipo.png","contentUrl":"https:\/\/www.xlabs.com.br\/blog\/wp-content\/uploads\/2020\/11\/Logotipo.png","width":478,"height":168,"caption":"XLabs Security"},"image":{"@id":"https:\/\/www.xlabs.com.br\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.instagram.com\/xlabs.security","https:\/\/www.linkedin.com\/company\/xlabs-security\/","https:\/\/www.youtube.com\/channel\/UCPbGDmCQI7_UcAPmvVLi58g?view_as=subscriber","https:\/\/www.facebook.com\/xlabs"]},{"@type":"Person","@id":"https:\/\/www.xlabs.com.br\/blog\/#\/schema\/person\/7d0839d8f5b967c3daa45aa01f3fdd3d","name":"Mauricio Corr\u00eaa","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/www.xlabs.com.br\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/f0734e5fb6afc04d038e66cae478a8a0?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f0734e5fb6afc04d038e66cae478a8a0?s=96&d=mm&r=g","caption":"Mauricio Corr\u00eaa"},"url":"https:\/\/www.xlabs.com.br\/blog\/author\/mauricio-correa\/"}]}},"_links":{"self":[{"href":"https:\/\/www.xlabs.com.br\/blog\/wp-json\/wp\/v2\/posts\/292"}],"collection":[{"href":"https:\/\/www.xlabs.com.br\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.xlabs.com.br\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.xlabs.com.br\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.xlabs.com.br\/blog\/wp-json\/wp\/v2\/comments?post=292"}],"version-history":[{"count":10,"href":"https:\/\/www.xlabs.com.br\/blog\/wp-json\/wp\/v2\/posts\/292\/revisions"}],"predecessor-version":[{"id":1635,"href":"https:\/\/www.xlabs.com.br\/blog\/wp-json\/wp\/v2\/posts\/292\/revisions\/1635"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.xlabs.com.br\/blog\/wp-json\/wp\/v2\/media\/1566"}],"wp:attachment":[{"href":"https:\/\/www.xlabs.com.br\/blog\/wp-json\/wp\/v2\/media?parent=292"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.xlabs.com.br\/blog\/wp-json\/wp\/v2\/categories?post=292"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.xlabs.com.br\/blog\/wp-json\/wp\/v2\/tags?post=292"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}