{"id":7650,"date":"2018-03-30T05:41:56","date_gmt":"2018-03-30T05:41:56","guid":{"rendered":"http:\/\/blog.nsfocusglobal.com\/?p=1581"},"modified":"2025-07-09T07:14:45","modified_gmt":"2025-07-09T07:14:45","slug":"drupal-code-execution-vulnerability-analysis","status":"publish","type":"post","link":"https:\/\/nsfocusglobal.com\/pt-br\/drupal-code-execution-vulnerability-analysis\/","title":{"rendered":"Drupal Code Execution Vulnerability Analysis"},"content":{"rendered":"

Recently, Drupal, a popular open-source content management framework, is found to contain a highly critical remote code execution vulnerability, which allows attackers to execute malicious code on a Drupal site, resulting in the site being completely compromised. This vulnerability is assigned CVE-2018-7600.<\/p>\n

The root cause <\/strong>of this vulnerability is related with Drupal’s rendering of forms:<\/p>\n

Drupal provides an application programming interface (API) to generate, validate, and process HTML forms. The form API abstracts a form into a nested array, which contains attributes and values. When generating a page, the form rendering engine renders the array at an appropriate time. This means that:<\/em><\/p>\n

“We do not directly produce an HTML page, but create an array and make the engine generate the HTML page.”<\/strong> As the representation of forms is processed as structured data, it is possible to add, delete, re-sort, and modify forms. If you want to modify forms created by other modules effortlessly, this is a convenient method.<\/em>\uff08<\/em>Source: http:\/\/www.thinkindrupal.com\/book\/export\/html\/1100<\/em>\uff09<\/em><\/p>\n

Obviously, in Drupal, we do not need to directly produce an HTML form, but create an array first. The form rendering engine constructs a form with the name of $form<\/strong> by using the buildForm method in the \\drupal\\core\\lib\\Drupal\\Core\\Form\\FormBuilder.php<\/strong> file and then renders the corresponding HTML form.<\/p>\n

From the definition of buildForm given below, we can see that it is used to build forms.<\/p>\n

\"\"<\/a><\/p>\n

The final form is shown as below:<\/p>\n

\"\"<\/a><\/p>\n

This is where the vulnerability exists.<\/p>\n

For an application built on the Drupal framework, background form arrays have been written by developers, like the following:<\/p>\n

\"\"<\/a><\/p>\n

\"\"<\/a><\/p>\n

Attackers cannot change the key values of form array elements.<\/p>\n

Many applications provide a convenient method as follows:<\/p>\n

Assume that you want to register an account. For this purpose, you need to type the user name, password, email address, and telephone number. After you click Submit<\/strong>, the website prompts that the user name already exists.<\/p>\n

Then you find that you do not need to type the password, email address, and telephone number again as the page has saved this information.<\/p>\n

Drupal also has this function. How does it implement this function? Let’s do an experiment:<\/p>\n

First we submit a normal form.<\/p>\n

Then we insert a breakpoint at the return line of the buildForm function.<\/p>\n

\"\"<\/a><\/p>\n

Finally, we complete and submit the form.<\/p>\n

\"\"<\/a><\/p>\n

We are redirected to the page that prompts registration success.<\/p>\n

\"\"<\/a><\/p>\n

The breakpoint inserted at the return line of the buildForm function does not work.<\/p>\n

Then we attempt to register an account with the same information:<\/p>\n

\"\"<\/a><\/p>\n

This time the programs stops at the breakpoint:<\/p>\n

\"\"<\/a><\/p>\n

At this breakpoint, we change the name<\/strong> value to kingsguard_test_1<\/strong>.<\/p>\n

\"\"<\/a><\/p>\n

Then the following page is displayed:<\/p>\n

\"\"<\/a><\/p>\n

The process is as follows:<\/p>\n

    \n
  1. A user fills out a form \u00e0 The form is valid \u00e0 The user is redirected to the page prompting registration success.<\/li>\n
  2. A user fills out a form \u00e0 The form is invalid (for example, the user name already exists) \u00e0 The buildForm method is invoked to build user-supplied content into a form array \u00e0 The form array is rendered into an HTML page, which is then returned.<\/li>\n<\/ol>\n

    Just now we changed the name<\/strong> value at the breakpoint from kingsguard<\/strong> to kingsguard_test_1<\/strong>, so Username<\/strong> on the returned page is displayed as kingsguard_test_1<\/strong>.<\/p>\n

    Now we have the kill chain. Attacker-supplied values are used to build a form array with the buildForm method and this form array is then parsed by Drupal’s form rendering engine into an HTML page.<\/p>\n

    To upload a picture to this registration page,<\/p>\n

    \"\"<\/a><\/p>\n

    we need to send the following request:<\/p>\n

    \"\"<\/a><\/p>\n

    After being successfully uploaded, the picture is displayed as a thumbnail on the registration page, as shown in the following figure.<\/p>\n

    \"\"<\/a><\/p>\n

    This thumbnail has been parsed with the uploadAjaxCallback method in the drupal\\core\\modules\\file\\src\\Element\\ManagedFile.php<\/strong> file.<\/p>\n

    Let’s look back on the buildForm method. After producing the $form<\/strong> array, buildForm passes it to the uploadAjaxCallback method for parsing, with a view to displaying the picture as a thumbnail on the registration page.<\/p>\n

    Now that we are clear about the process, we can construct a proof of concept (PoC) to demonstrate it. First, send the following data by using the POST method:<\/p>\n

    \"\"<\/a><\/p>\n

    The buildForm function is invoked to build a form array ($form<\/strong>), which is then passed to the uploadAjaxCallback method.<\/p>\n

    Have a look at the uploadAjaxCallback method:<\/p>\n

    \"\"<\/a><\/p>\n

    The $form<\/strong> variable passed to the uploadAjaxCallback method is the form array built with the buildForm method.<\/p>\n

    \"\"<\/a><\/p>\n

    After the $form<\/strong> array is passed to the uploadAjaxCallback method, we notice a line, as shown in the red box in the following figure.<\/p>\n

    \"\"<\/a><\/p>\n

    Surprisingly, $form_parents<\/strong> is passed from GET! This indicates that this variable is manipulable. In fact, it maps to “element_parents=account\/mail\/%23value” in our PoC.<\/p>\n

    The following figure shows the expanded $form_parents<\/strong>:<\/p>\n

    \"\"<\/a><\/p>\n

    After $form_parents<\/strong> and $form<\/strong> are processed with the NestedArray::getValue method, result values are assigned to $form<\/strong>.<\/p>\n

    The new $form<\/strong> variable is as follows:<\/p>\n

    \"\"<\/a><\/p>\n

    Let’s move on to the renderRoot method.<\/p>\n

    \"\"<\/a><\/p>\n

    The $form<\/strong> variable passed to renderRoot is as follows:<\/p>\n

    \"\"<\/a><\/p>\n

    Look into the renderRoot method:<\/p>\n

    \"\"<\/a><\/p>\n

    \"\"<\/a><\/p>\n

    The render method is invoked.<\/p>\n

    Look further into the render method:<\/p>\n

    \"\"<\/a><\/p>\n

    The doRender method is invoked.<\/p>\n

    As for the doRender method, in line 505,<\/p>\n

    \"\"<\/a><\/p>\n

    the call_user_func method is invoked.<\/p>\n

    Parameters are as follows:<\/p>\n

    \"\"<\/a><\/p>\n

    Where,<\/p>\n

    $callable=”exec”<\/p>\n

    $elements[‘#children’]=”kingsguard_text” (This is the malicious code we passed previously. The related operation is omitted here.)<\/p>\n

    Conclusion<\/strong><\/p>\n

    In my opinion, this vulnerability is caused by two small issues. First, buildForm does not restrict user-supplied variables, making it possible to pass such variables as mail[#post_render]<\/strong> and mail[#type]<\/strong>. This issue alone, however, does not pose a serious threat because, for the finally rendered HTML page, arrays passed are still arrays, without being parsed as elements. The problem is that the $form_parents<\/strong> variable in the uploadAjaxCallback method is directly retrieved from get(‘element_parents’). This, coupled with the first issue, misleads $form_parents<\/strong> into taking the previously passed values as elements, hence the vulnerability in question.<\/p>\n","protected":false},"excerpt":{"rendered":"

    Recently, Drupal, a popular open-source content management framework, is found to contain a highly critical remote code execution vulnerability, which allows attackers to execute malicious code on a Drupal site, resulting in the site being completely compromised. This vulnerability is assigned CVE-2018-7600. The root cause of this vulnerability is related with Drupal’s rendering of forms: […]<\/p>\n","protected":false},"author":1,"featured_media":35805,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_coblocks_attr":"","_coblocks_dimensions":"","_coblocks_responsive_height":"","_coblocks_accordion_ie_support":"","footnotes":""},"categories":[3,6,15],"tags":[],"class_list":["post-7650","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","category-emergency-response","category-research-reports"],"acf":[],"yoast_head":"\nDrupal Code Execution Vulnerability Analysis - NSFOCUS<\/title>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"pt_BR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Drupal Code Execution Vulnerability Analysis - NSFOCUS\" \/>\n<meta property=\"og:description\" content=\"Recently, Drupal, a popular open-source content management framework, is found to contain a highly critical remote code execution vulnerability, which\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nsfocusglobal.com\/drupal-code-execution-vulnerability-analysis\/\" \/>\n<meta property=\"og:site_name\" content=\"NSFOCUS\" \/>\n<meta property=\"article:published_time\" content=\"2018-03-30T05:41:56+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-07-09T07:14:45+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/03\/BuildForm.png\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"Drupal Code Execution Vulnerability Analysis - NSFOCUS\" \/>\n<meta name=\"twitter:description\" content=\"Recently, Drupal, a popular open-source content management framework, is found to contain a highly critical remote code execution vulnerability, which\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/03\/BuildForm.png\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. tempo de leitura\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/drupal-code-execution-vulnerability-analysis\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/drupal-code-execution-vulnerability-analysis\\\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/person\\\/fd9ab61c9c77a81bbd870f725cc0c61d\"},\"headline\":\"Drupal Code Execution Vulnerability Analysis\",\"datePublished\":\"2018-03-30T05:41:56+00:00\",\"dateModified\":\"2025-07-09T07:14:45+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/drupal-code-execution-vulnerability-analysis\\\/\"},\"wordCount\":1013,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/drupal-code-execution-vulnerability-analysis\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2018\\\/03\\\/BuildForm.png\",\"articleSection\":[\"Blog\",\"Emergency Response\",\"Research & Reports\"],\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/drupal-code-execution-vulnerability-analysis\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/drupal-code-execution-vulnerability-analysis\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/drupal-code-execution-vulnerability-analysis\\\/\",\"name\":\"Drupal Code Execution Vulnerability Analysis - NSFOCUS\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/drupal-code-execution-vulnerability-analysis\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/drupal-code-execution-vulnerability-analysis\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2018\\\/03\\\/BuildForm.png\",\"datePublished\":\"2018-03-30T05:41:56+00:00\",\"dateModified\":\"2025-07-09T07:14:45+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/drupal-code-execution-vulnerability-analysis\\\/#breadcrumb\"},\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/drupal-code-execution-vulnerability-analysis\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/drupal-code-execution-vulnerability-analysis\\\/#primaryimage\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2018\\\/03\\\/BuildForm.png\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2018\\\/03\\\/BuildForm.png\",\"width\":506,\"height\":415,\"caption\":\"Code snippet for building a form.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/drupal-code-execution-vulnerability-analysis\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/nsfocusglobal.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Drupal Code Execution Vulnerability Analysis\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#website\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/\",\"name\":\"NSFOCUS\",\"description\":\"Security Made Smart and Simple\",\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"pt-BR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#organization\",\"name\":\"NSFOCUS\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"width\":248,\"height\":36,\"caption\":\"NSFOCUS\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/person\\\/fd9ab61c9c77a81bbd870f725cc0c61d\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\\\/\\\/nsfocusglobal.com\"],\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/author\\\/admin\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Drupal Code Execution Vulnerability Analysis - NSFOCUS","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"pt_BR","og_type":"article","og_title":"Drupal Code Execution Vulnerability Analysis - NSFOCUS","og_description":"Recently, Drupal, a popular open-source content management framework, is found to contain a highly critical remote code execution vulnerability, which","og_url":"https:\/\/nsfocusglobal.com\/drupal-code-execution-vulnerability-analysis\/","og_site_name":"NSFOCUS","article_published_time":"2018-03-30T05:41:56+00:00","article_modified_time":"2025-07-09T07:14:45+00:00","og_image":[{"url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/03\/BuildForm.png","type":"","width":"","height":""}],"author":"admin","twitter_card":"summary_large_image","twitter_title":"Drupal Code Execution Vulnerability Analysis - NSFOCUS","twitter_description":"Recently, Drupal, a popular open-source content management framework, is found to contain a highly critical remote code execution vulnerability, which","twitter_image":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/03\/BuildForm.png","twitter_misc":{"Escrito por":"admin","Est. tempo de leitura":"5 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/nsfocusglobal.com\/drupal-code-execution-vulnerability-analysis\/#article","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/drupal-code-execution-vulnerability-analysis\/"},"author":{"name":"admin","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/person\/fd9ab61c9c77a81bbd870f725cc0c61d"},"headline":"Drupal Code Execution Vulnerability Analysis","datePublished":"2018-03-30T05:41:56+00:00","dateModified":"2025-07-09T07:14:45+00:00","mainEntityOfPage":{"@id":"https:\/\/nsfocusglobal.com\/drupal-code-execution-vulnerability-analysis\/"},"wordCount":1013,"commentCount":0,"publisher":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization"},"image":{"@id":"https:\/\/nsfocusglobal.com\/drupal-code-execution-vulnerability-analysis\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/03\/BuildForm.png","articleSection":["Blog","Emergency Response","Research & Reports"],"inLanguage":"pt-BR","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/nsfocusglobal.com\/drupal-code-execution-vulnerability-analysis\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/nsfocusglobal.com\/drupal-code-execution-vulnerability-analysis\/","url":"https:\/\/nsfocusglobal.com\/drupal-code-execution-vulnerability-analysis\/","name":"Drupal Code Execution Vulnerability Analysis - NSFOCUS","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nsfocusglobal.com\/drupal-code-execution-vulnerability-analysis\/#primaryimage"},"image":{"@id":"https:\/\/nsfocusglobal.com\/drupal-code-execution-vulnerability-analysis\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/03\/BuildForm.png","datePublished":"2018-03-30T05:41:56+00:00","dateModified":"2025-07-09T07:14:45+00:00","breadcrumb":{"@id":"https:\/\/nsfocusglobal.com\/drupal-code-execution-vulnerability-analysis\/#breadcrumb"},"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nsfocusglobal.com\/drupal-code-execution-vulnerability-analysis\/"]}]},{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/drupal-code-execution-vulnerability-analysis\/#primaryimage","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/03\/BuildForm.png","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2018\/03\/BuildForm.png","width":506,"height":415,"caption":"Code snippet for building a form."},{"@type":"BreadcrumbList","@id":"https:\/\/nsfocusglobal.com\/drupal-code-execution-vulnerability-analysis\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/nsfocusglobal.com\/"},{"@type":"ListItem","position":2,"name":"Drupal Code Execution Vulnerability Analysis"}]},{"@type":"WebSite","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#website","url":"https:\/\/nsfocusglobal.com\/pt-br\/","name":"NSFOCUS","description":"Security Made Smart and Simple","publisher":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/nsfocusglobal.com\/pt-br\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization","name":"NSFOCUS","url":"https:\/\/nsfocusglobal.com\/pt-br\/","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/logo\/image\/","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","width":248,"height":36,"caption":"NSFOCUS"},"image":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/person\/fd9ab61c9c77a81bbd870f725cc0c61d","name":"admin","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/nsfocusglobal.com"],"url":"https:\/\/nsfocusglobal.com\/pt-br\/author\/admin\/"}]}},"_links":{"self":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/7650","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/comments?post=7650"}],"version-history":[{"count":1,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/7650\/revisions"}],"predecessor-version":[{"id":32643,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/7650\/revisions\/32643"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media\/35805"}],"wp:attachment":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media?parent=7650"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/categories?post=7650"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/tags?post=7650"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}