lib/dradis/plugins/openvas/importer.rb in dradis-openvas-3.6.0 vs lib/dradis/plugins/openvas/importer.rb in dradis-openvas-3.7.0

@@ -49,13 +49,10 @@
 
       # Add evidence. It doesn't look like OpenVAS provides much in terms of
       # instance-specific evidence though.
       logger.info{ "\t\t => Adding reference to this host" }
 
-      port_info = xml_result.at_xpath('./port').text
-      evidence_content = "\n#[Port]#\n#{port_info}\n\n"
-
       # There is no way of knowing where OpenVAS is going to place the evidence
       # for each issue. For example:
       #
       # A) 1.3.6.1.4.1.25623.1.0.900498 - 'Apache Web ServerVersion Detection'
       # uses the full <description> field:
@@ -89,12 +86,11 @@
       #
       # C) 1.3.6.1.4.1.25623.1.0.10766 - 'Apache UserDir Sensitive Information Disclosure'
       # doesn't provide any per-instance information.
       #
       # Best thing to do is to include the full <description> field and let the user deal with it.
-      description = xml_result.at_xpath('./description').text()
-      evidence_content << "\n#[Description]#\n#{description}\n\n"
-
+      
+      evidence_content = template_service.process_template(template: 'evidence', data: xml_result)
       content_service.create_evidence(issue: issue, node: host_node, content: evidence_content)
     end
 
   end
 end