lib/nexpose/vulnerability.rb in dradis-nexpose-3.6.0 vs lib/nexpose/vulnerability.rb in dradis-nexpose-3.7.0
- old
+ new
@@ -23,11 +23,14 @@
# simple tags
:description, :solution,
# multiple tags
- :references, :tags
+ :references, :tags,
+
+ # evidence tag
+ :details
]
end
# This allows external callers (and specs) to check for implemented
@@ -81,15 +84,29 @@
return lines.join("\n\n")
end
# Finally the enumerations: references, tags
if method_name == 'references'
- @xml.xpath("./references/reference").collect{|entry| {:source => entry['source'], :text => entry.text} }
+ references =
+ @xml.xpath("./references/reference").map do |entry|
+ {:source => entry['source'], :text => entry.text}
+ end
+
+ return references
elsif method == 'tags'
- @xml.xpath("./tags/tag").collect(&:text)
- else
- # nothing found, the tag is valid but not present in this ReportItem
- return nil
+ return @xml.xpath("./tags/tag").collect(&:text)
end
+
+ # Handle evidence creation
+ if method_name == 'details'
+ vuln_id = @xml.attributes['id'].value
+
+ return @xml.xpath("//test[@id='#{vuln_id}']/Paragraph").
+ text.split("\n").
+ collect(&:strip).
+ reject{|line| line.empty?}.join("\n")
+ end
+
+ nil
end
end
end