dradis-qualys 3.21.0 → 4.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e3c7d833dd84e2bf216b93b9b25bf4c536323bb1273bdf02bc538e0c864d9beb
-  data.tar.gz: 60844d26ac41bd494d11418861275e09b3ffae575a587c8a243e366422febc42
+  metadata.gz: 3ba4d6ad211ac3a9b0b671a70ca898f8b4209476b0a60f2da30e8e4421a805f6
+  data.tar.gz: 5d2e7db73a7a40784fa6c4334e060daa1cbf730655d489efe594f3fd8acb7b07
 SHA512:
-  metadata.gz: d65729940d71d316e43744a4e426ae5b22979cccfa7fa3eed6de53ba3e603e662f34764eee9c7db7ddaef92aa3a56d28d30df274a86a982d13b4766f36ddbc91
-  data.tar.gz: 4be4b2c87ec17804e03549b3bbc216fb7201d9a737f8ccea8aa48ce32fc2c0ead85118703497c1616272b71852a4d50e11817105d6b15203701f196bee13816e
+  metadata.gz: d612c8715670f02a26c9be3efc6f9406c5543e3e5b76725d56baf394a0cce8eeafe4fd2c8cab28e2558b70d60b9e72a79c25a29a9266df52e0efa32a963425ae
+  data.tar.gz: e3ae22e600fa0b9ad4f96215ed9e981f4f932bc38480ee48608f28c578c1fe53d426550c30b0a6228d0109d36f422eb7deee3fc6df62359c55cc39396c42848c

data/CHANGELOG.md

@@ -1,65 +1,62 @@
-## Dradis Framework 3.21 (February, 2021) ##
+v4.2.0 (February 2022)
+  - Added 'element.qualys_collection' as issue field
+  - Added Qualys Web Application Scanner (WAS) support
 
-*  No changes.
+v4.1.0 (November 2021)
+  - Add <dd>, <dt> support
+  - Remove orphaned <b> tags
 
-## Dradis Framework 3.20 (December, 2020) ##
+v4.0.0 (July 2021)
+  - No changes
 
-*  No changes.
+v3.22.0 (April 2021)
+  - No changes
 
-## Dradis Framework 3.19 (September, 2020) ##
+v3.21.0 (February 2021)
+  - No changes
 
-*  No changes.
+v3.20.0 (December 2020)
+  - No changes
 
-## Dradis Framework 3.18 (July, 2020) ##
+v3.19.0 (September 2020)
+  - No changes
 
-*  No changes.
+v3.18.0 (July 2020)
+  - No changes
 
-## Dradis Framework 3.17 (May, 2020) ##
+v3.17.0 (May 2020)
+  - No changes
 
-*  No changes.
+v3.16.0 (February 2020)
+  - No changes
 
-## Dradis Framework 3.16 (February, 2020) ##
+v3.15.0 (November 2019)
+  - No changes
 
-*  No changes.
+v3.14.0 (August 2019)
+  - No changes
 
-## Dradis Framework 3.15 (November, 2019) ##
+v3.13.0 (June 2019)
+  - No changes
 
-*  No changes.
+v3.12.0 (March 2019)
+  - No changes
 
-## Dradis Framework 3.14 (August, 2019) ##
+v3.11.0 (November 2018)
+  - No changes
 
-*  No changes.
+v3.10.0 (August 2018)
+  - No changes
 
-## Dradis Framework 3.13 (June, 2019) ##
+v3.9.0 (January 2018)
+  - Add `os`, `hostname`, and `ip` as Node properties instead of a `Basic host info` Note
 
-*  No changes.
+v3.8.0 (September 2017)
+  - No changes
 
-## Dradis Framework 3.12 (March, 2019) ##
+v3.7.0 (July 2017)
+  - Better HTML entity translation (thanks @leesoh)
+  - Import INFOS, SERVICES, etc as Issues #7 (thanks @rachkor)
 
-*  No changes.
-
-## Dradis Framework 3.11 (November, 2018) ##
-
-*  No changes.
-
-## Dradis Framework 3.10 (August, 2018) ##
-
-*   No changes.
-
-## Dradis Framework 3.9 (January, 2018) ##
-
-*   Add `os`, `hostname`, and `ip` as Node properties
-    instead of a `Basic host info` Note (v3.8.1)
-
-## Dradis Framework 3.8 (September, 2017) ##
-
-*   No changes.
-
-## Dradis Framework 3.7 (July, 2017) ##
-
-*   Better HTML entity translation (thanks @leesoh).
-*   Import INFOS, SERVICES, etc as Issues #7 (thanks @rachkor).
-
-## Dradis Framework 3.6 (March, 2017) ##
-
-*   No changes.
+v3.6.0 (March 2017)
+  - No changes

data/CHANGELOG.template

@@ -0,0 +1,12 @@
+[v#.#.#] ([month] [YYYY])
+  - [future tense verb] [feature]
+  - Upgraded gems:
+    - [gem]
+  - Bugs fixes:
+    - [future tense verb] [bug fix]
+    - Bug tracker items:
+      - [item]
+  - Security Fixes:
+    - High: (Authenticated|Unauthenticated) (admin|author|contributor) [vulnerability description]
+    - Medium: (Authenticated|Unauthenticated) (admin|author|contributor) [vulnerability description]
+    - Low: (Authenticated|Unauthenticated) (admin|author|contributor) [vulnerability description]

data/dradis-qualys.gemspec

@@ -24,7 +24,7 @@ Gem::Specification.new do |spec|
   # versions of Rails (a sure recipe for disaster, I'm sure), which is needed
   # until we bump Dradis Pro to 4.1.
   # s.add_dependency 'rails', '~> 4.1.1'
-  spec.add_dependency 'dradis-plugins', '~> 3.6'
+  spec.add_dependency 'dradis-plugins', '~> 4.0'
   spec.add_dependency 'nokogiri', '~> 1.3'
 
   spec.add_development_dependency 'bundler', '~> 1.6'

data/lib/dradis/plugins/qualys/engine.rb

@@ -5,5 +5,17 @@ module Dradis::Plugins::Qualys
     include ::Dradis::Plugins::Base
     description 'Processes Qualys output'
     provides :upload
+
+    # Because this plugin provides two export modules, we have to overwrite
+    # the default .uploaders() method.
+    #
+    # See:
+    #  Dradis::Plugins::Upload::Base in dradis-plugins
+    def self.uploaders
+      [
+        Dradis::Plugins::Qualys::Vuln,
+        Dradis::Plugins::Qualys::WAS
+      ]
+    end
   end
 end

data/lib/dradis/plugins/qualys/field_processor.rb

@@ -4,8 +4,15 @@ module Dradis
       class FieldProcessor < Dradis::Plugins::Upload::FieldProcessor
 
         def post_initialize(args={})
-          @cat_object = data
-          @qualys_object = ::Qualys::Element.new(data.elements.first)
+          case data.name
+          when 'CAT'
+            @cat_object = data
+            @qualys_object = ::Qualys::Element.new(data.elements.first)
+          when 'QID'
+            @qualys_object = ::Qualys::WAS::QID.new(data)
+          when 'VULNERABILITY'
+            @qualys_object = ::Qualys::WAS::Vulnerability.new(data)
+          end
         end
 
         def value(args={})
@@ -13,8 +20,14 @@ module Dradis
 
           # Fields in the template are of the form <foo>.<field>, where <foo>
           # is common across all fields for a given template (and meaningless).
-          _, name = field.split('.')
+          # However we can use it to identify the type of scan we're processing.
+          type, name = field.split('.')
+
+          %{element evidence}.include?(type) ? value_network(name) : value_was(name)
+        end
 
+        private
+        def value_network(name)
           if %w{cat_fqdn cat_misc cat_port cat_protocol cat_value}.include?(name)
             attribute = name[4..-1]
             @cat_object[attribute] || 'n/a'
@@ -36,6 +49,9 @@ module Dradis
           end
         end
 
+        def value_was(name)
+          @qualys_object.try(name) || 'n/a'
+        end
       end
     end
   end

data/lib/dradis/plugins/qualys/gem_version.rb

@@ -7,8 +7,8 @@ module Dradis
       end
 
       module VERSION
-        MAJOR = 3
-        MINOR = 21
+        MAJOR = 4
+        MINOR = 2
         TINY = 0
         PRE = nil
 

data/lib/dradis/plugins/qualys/vuln/importer.rb

@@ -0,0 +1,103 @@
+module Dradis::Plugins::Qualys
+  module Vuln
+    def self.meta
+      package = Dradis::Plugins::Qualys
+
+      {
+        name: package::Engine::plugin_name,
+        description: 'Upload Qualys Vulnerability Management results (.xml)',
+        version: package.version
+      }
+    end
+
+    class Importer < Dradis::Plugins::Upload::Importer
+      attr_accessor :host_node
+
+      def initialize(args={})
+        args[:plugin] = Dradis::Plugins::Qualys
+        super(args)
+      end
+
+      # The framework will call this function if the user selects this plugin from
+      # the dropdown list and uploads a file.
+      # @returns true if the operation was successful, false otherwise
+      def import(params={})
+        file_content = File.read( params[:file] )
+
+        logger.info{'Parsing Qualys output file...'}
+        @doc = Nokogiri::XML( file_content )
+        logger.info{'Done.'}
+
+        if @doc.root.name != 'SCAN'
+          error = "No scan results were detected in the uploaded file. Ensure you uploaded a Qualys XML file."
+          logger.fatal{ error }
+          content_service.create_note text: error
+          return false
+        end
+
+        @doc.xpath('SCAN/IP').each do |xml_host|
+          process_ip(xml_host)
+        end
+
+        return true
+      end
+
+      private
+
+      def process_ip(xml_host)
+        host_ip = xml_host['value']
+        logger.info{ "Host: %s" % host_ip }
+
+        self.host_node = content_service.create_node(label: host_ip, type: :host)
+
+        host_node.set_property(:ip, host_ip)
+        host_node.set_property(:hostname, xml_host['name'])
+        if (xml_os = xml_host.xpath('OS')) && xml_os.any?
+          host_node.set_property(:os, xml_os.text)
+        end
+        host_node.save
+
+        # We treat INFOS, SERVICES, PRACTICES, and VULNS the same way
+        # All of these are imported into Dradis as Issues
+        ['INFOS', 'SERVICES', 'PRACTICES', 'VULNS'].each do |collection|
+          xml_host.xpath(collection).each do |xml_collection|
+            process_collection(collection, xml_collection)
+          end
+        end
+      end
+
+      def process_collection(collection, xml_collection)
+        xml_cats = xml_collection.xpath('CAT')
+
+        xml_cats.each do |xml_cat|
+          logger.info{ "\t#{ collection } - #{ xml_cat['value'] }" }
+
+          empty_dup_xml_cat = xml_cat.dup
+          empty_dup_xml_cat.children.remove
+
+          # For each INFOS/CAT/INFO, SERVICES/CAT/SERVICE, VULNS/CAT/VULN, etc.
+          xml_cat.xpath(collection.chop).each do |xml_element|
+            dup_xml_cat = empty_dup_xml_cat.dup
+            dup_xml_cat.add_child(xml_element.dup)
+            cat_number = xml_element[:number]
+
+            process_vuln(cat_number, dup_xml_cat)
+
+          end
+        end
+      end
+
+      # Takes a <CAT> element containing a single <VULN> element and processes an
+      # Issue and Evidence template out of it.
+      def process_vuln(vuln_number, xml_cat)
+        logger.info{ "\t\t => Creating new issue (plugin_id: #{ vuln_number })" }
+        issue_text = template_service.process_template(template: 'element', data: xml_cat)
+        issue = content_service.create_issue(text: issue_text, id: vuln_number)
+
+        logger.info{ "\t\t => Creating new evidence" }
+        evidence_content = template_service.process_template(template: 'evidence', data: xml_cat)
+        content_service.create_evidence(issue: issue, node: self.host_node, content: evidence_content)
+      end
+    end
+  end
+end

data/lib/dradis/plugins/qualys/was/importer.rb

@@ -0,0 +1,109 @@
+module Dradis::Plugins::Qualys
+
+  # This module knows how to parse Qualys Web Application Scanner format.
+  module WAS
+    def self.meta
+      package = Dradis::Plugins::Qualys
+
+      {
+        name: package::Engine::plugin_name,
+        description: 'Upload Qualys WAS results (.xml)',
+        version: package.version
+      }
+    end
+
+    class Importer < Dradis::Plugins::Upload::Importer
+      def initialize(args={})
+        args[:plugin] = Dradis::Plugins::Qualys
+        super(args)
+
+        @issue_lookup = {}
+      end
+
+      def import(params={})
+        file_content = File.read(params[:file])
+
+        logger.info { 'Parsing Qualys WAS XML output file...'}
+        doc = Nokogiri::XML(file_content)
+        logger.info { 'Done.' }
+
+        if doc.root.name != 'WAS_SCAN_REPORT'
+          error = 'Document doesn\'t seem to be in the Qualys WAS XML format.'
+          logger.fatal { error }
+          content_service.create_note text: error
+          return false
+        end
+
+        logger.info { 'Global Summary information'}
+
+        xml_global_summary = doc.at_xpath('WAS_SCAN_REPORT/SUMMARY/GLOBAL_SUMMARY')
+        logger.info { 'Security Risk: ' + xml_global_summary.at_xpath('./SECURITY_RISK').text }
+        logger.info { 'Vulnerabilities found: ' + xml_global_summary.at_xpath('./VULNERABILITY').text }
+
+        xml_webapp = doc.at_xpath('WAS_SCAN_REPORT/APPENDIX/WEBAPP')
+        process_webapp(xml_webapp)
+
+        doc.xpath('WAS_SCAN_REPORT/GLOSSARY/QID_LIST/QID').each do |xml_qid|
+          process_issue(xml_qid)
+        end
+
+        doc.xpath('WAS_SCAN_REPORT/RESULTS/VULNERABILITY_LIST/VULNERABILITY').each do |xml_vulnerability|
+          process_evidence(xml_vulnerability)
+        end
+
+        true
+      end
+
+      private
+      attr_accessor :webapp_node, :issue_lookup
+
+      def process_evidence(xml_vulnerability)
+        id = xml_vulnerability.at_xpath('./ID').text
+
+        issue = issue_lookup[xml_vulnerability.at_xpath('./QID').text.to_i]
+        if issue
+          issue_id = issue.respond_to?(:id) ? issue.id : issue.to_issue.id
+
+          logger.info{ "\t => Creating new evidence (plugin_id: #{id})" }
+          logger.info{ "\t\t => Issue: #{issue.title} (plugin_id: #{issue_id})" }
+          logger.info{ "\t\t => Node: #{webapp_node.label} (#{webapp_node.id})" }
+        else
+          logger.info{ "\t => Couldn't find QID for evidence with ID=#{id}" }
+          return
+        end
+
+        evidence_content = template_service.process_template(template: 'was-evidence', data: xml_vulnerability)
+        content_service.create_evidence(issue: issue, node: webapp_node, content: evidence_content)
+      end
+
+      def process_issue(xml_qid)
+        qid = xml_qid.at_xpath('QID').text
+        logger.info{ "\t => Creating new issue (plugin_id: #{ qid })" }
+        issue_text = template_service.process_template(template: 'was-issue', data: xml_qid)
+        issue = content_service.create_issue(text: issue_text, id: qid)
+
+        issue_lookup[qid.to_i] = issue
+      end
+
+      def process_webapp(xml_webapp)
+        id = xml_webapp.at_xpath('./ID').text
+        name = xml_webapp.at_xpath('./NAME').text
+        url = xml_webapp.at_xpath('./URL').text
+        scope = xml_webapp.at_xpath('./SCOPE').text
+
+        uri = URI(url)
+        @webapp_node = content_service.create_node(label: uri.host, type: :host)
+
+        webapp_node.set_property('qualys.webapp.id', id)
+        webapp_node.set_property('qualys.webapp.name', name)
+        webapp_node.set_property('qualys.webapp.url', url)
+        webapp_node.set_property('qualys.webapp.scope', scope)
+        webapp_node.save!
+
+        logger.info { 'Webapp name: ' + name }
+        logger.info { 'Webapp URL: ' + url }
+        logger.info { 'Webapp scope: ' + scope }
+      end
+    end
+  end
+end

data/lib/dradis/plugins/qualys.rb

@@ -7,5 +7,7 @@ end
 
 require 'dradis/plugins/qualys/engine'
 require 'dradis/plugins/qualys/field_processor'
-require 'dradis/plugins/qualys/importer'
 require 'dradis/plugins/qualys/version'
+
+require 'dradis/plugins/qualys/vuln/importer'
+require 'dradis/plugins/qualys/was/importer'

data/lib/dradis-qualys.rb

@@ -6,3 +6,5 @@ require 'dradis/plugins/qualys'
 
 # Load supporting Qualys classes
 require 'qualys/element'
+require 'qualys/was/qid'
+require 'qualys/was/vulnerability'

data/lib/qualys/element.rb

@@ -1,4 +1,27 @@
 module Qualys
+
+  def self.cleanup_html(source)
+    result = source.dup
+    result.gsub!(/"/, '"')
+    result.gsub!(/&lt;/, '<')
+    result.gsub!(/&gt;/, '>')
+
+    result.gsub!(/<p>/i, "\n\n")
+    result.gsub!(/<br>/i, "\n")
+    result.gsub!(/          /, "")
+    result.gsub!(/<a href=\"(.*?)\"\s?target=\"_blank\">(.*?)<\/a>/i) { "\"#{$2.strip}\":#{$1.strip}" }
+    result.gsub!(/<pre>(.*?)<\/pre>/im) { |m| "\n\nbc.. #{$1.strip}\n\np.  \n" }
+    result.gsub!(/<b>(.*?)<\/b>/i) { "*#{$1.strip}*" }
+    result.gsub!(/<b>|<\/b>/i, "")
+    result.gsub!(/<i>(.*?)<\/i>/i) { "_#{$1.strip}_" }
+
+    result.gsub!(/<dl>|<\/dl>/i, "\n")
+    result.gsub!(/<dt>(.*?)<\/dt>/i) { "* #{$1.strip}" }
+    result.gsub!(/<dd>(.*?)<\/dd>/i) { "** #{$1.strip}" }
+    result
+  end
+
+
   # This class represents each of the /SCAN/IP/[INFOS|SERVICES|VULNS|PRACTICES]/CAT/[INFO|SERVICE|VULN|PRACTICE]
   # elements in the Qualys XML document.
   #
@@ -25,7 +48,10 @@ module Qualys
         :consequence, :solution, :compliance, :result,
 
         # multiple tags
-        :vendor_reference_list, :cve_id_list, :bugtraq_id_list
+        :vendor_reference_list, :cve_id_list, :bugtraq_id_list,
+
+        # category
+        :qualys_collection
       ]
     end
 
@@ -66,10 +92,10 @@ module Qualys
       return @xml.attributes[method_name].value if @xml.attributes.key?(method_name)
 
       # Then we try simple children tags: TITLE, LAST_UPDATE, CVSS_BASE...
-      tag = @xml.xpath("./#{method_name.upcase}").first
+      tag = @xml.at_xpath("./#{method_name.upcase}")
       if tag && !tag.text.blank?
         if tags_with_html_content.include?(method)
-          return cleanup_html(tag.text)
+          return Qualys::cleanup_html(tag.text)
         else
           return tag.text
         end
@@ -77,11 +103,8 @@ module Qualys
         'n/a'
       end
 
-      # Finally the enumerations: vendor_reference_list, cve_id_list, bugtraq_id_list
-      if method_name == 'references'
-        # @xml.xpath("./references/reference").collect{|entry| {:source => entry['source'], :text => entry.text} }
-      elsif method == 'tags'
-        # @xml.xpath("./tags/tag").collect(&:text)
+      if method_name == 'qualys_collection'
+        @xml.name
       else
         # nothing found, the tag is valid but not present in this ReportItem
         return nil
@@ -90,24 +113,8 @@ module Qualys
 
     private
 
-    def cleanup_html(source)
-      result = source.dup
-      result.gsub!(/&quot;/, '"')
-      result.gsub!(/&lt;/, '<')
-      result.gsub!(/&gt;/, '>')
-      
-      result.gsub!(/<p>/i, "\n\n")
-      result.gsub!(/<br>/i, "\n")
-      result.gsub!(/          /, "")
-      result.gsub!(/<a href=\"(.*?)\" target=\"_blank\">(.*?)<\/a>/i) { "\"#{$2.strip}\":#{$1.strip}" }
-      result.gsub!(/<pre>(.*?)<\/pre>/im) { |m| "\n\nbc.. #{$1.strip}\n\np.  \n" }
-      result.gsub!(/<b>(.*?)<\/b>/i) { "*#{$1.strip}*" }
-      result.gsub!(/<i>(.*?)<\/i>/i) { "_#{$1.strip}_" }
-      result
-    end
-
     def tags_with_html_content
-      [:diagnosis, :solution]
+      [:consequence, :diagnosis, :solution]
     end
 
   end

data/lib/qualys/was/qid.rb

@@ -0,0 +1,71 @@
+module Qualys::WAS
+  # This class represents each of the WAS_SCAN_REPORT/GLOSSARY/QID_LIST/QID
+  # elements in the Qualys WAS XML document.
+  #
+  # It provides a convenient way to access the information scattered all over
+  # the XML in attributes and nested tags.
+  #
+  # Instead of providing separate methods for each supported property we rely
+  # on Ruby's #method_missing to do most of the work.
+  class QID
+    # Accepts an XML node from Nokogiri::XML.
+    def initialize(xml_node)
+      @xml = xml_node
+    end
+
+    # List of supported tags. They can be attributes, simple descendans or
+    # collections (e.g. <references/>, <tags/>)
+    def supported_tags
+      [
+        # simple tags
+        :category, :cwe, :description, :group, :impact, :owasp, :qid,
+        :severity, :solution, :title, :wasc,
+
+        :cvss_base, :cvss_temporal, :cvss3_base, :cvss3_temporal, :cvss3_vector
+      ]
+    end
+
+    # This allows external callers (and specs) to check for implemented
+    # properties
+    def respond_to?(method, include_private=false)
+      return true if supported_tags.include?(method.to_sym)
+      super
+    end
+
+    # This method is invoked by Ruby when a method that is not defined in this
+    # instance is called.
+    #
+    # In our case we inspect the @method@ parameter and try to find the
+    # attribute, simple descendent or collection that it maps to in the XML
+    # tree.
+    def method_missing(method, *args)
+      # We could remove this check and return nil for any non-recognized tag.
+      # The problem would be that it would make tricky to debug problems with
+      # typos. For instance: <>.potr would return nil instead of raising an
+      # exception
+      unless supported_tags.include?(method)
+        super
+        return
+      end
+
+      method_name = method.to_s
+
+      # Then we try simple children tags: TITLE, LAST_UPDATE, CVSS_BASE...
+      tag = @xml.at_xpath("./#{method_name.upcase}")
+      if tag && !tag.text.blank?
+        if tags_with_html_content.include?(method)
+          return Qualys::cleanup_html(tag.text)
+        else
+          return tag.text
+        end
+      else
+        'n/a'
+      end
+    end
+
+    private
+    def tags_with_html_content
+      [:description, :impact, :solution]
+    end
+  end
+end

data/lib/qualys/was/vulnerability.rb

@@ -0,0 +1,68 @@
+module Qualys::WAS
+  # This class represents each of the WAS_SCAN_REPORT/RESULTS/VULNERABILITY_LIST/
+  # VULNERABILITY elements in the Qualys WAS XML document.
+  #
+  # It provides a convenient way to access the information scattered all over
+  # the XML in attributes and nested tags.
+  #
+  # Instead of providing separate methods for each supported property we rely
+  # on Ruby's #method_missing to do most of the work.
+  class Vulnerability
+    # Accepts an XML node from Nokogiri::XML.
+    def initialize(xml_node)
+      @xml = xml_node
+    end
+
+    # List of supported tags. They can be attributes, simple descendans or
+    # collections (e.g. <references/>, <tags/>)
+    def supported_tags
+      [
+        # simple tags
+        :access_paths,  :ajax,  :authentication,  :ignored,  :potential,  :url
+      ]
+    end
+
+    # This allows external callers (and specs) to check for implemented
+    # properties
+    def respond_to?(method, include_private=false)
+      return true if supported_tags.include?(method.to_sym)
+      super
+    end
+
+    # This method is invoked by Ruby when a method that is not defined in this
+    # instance is called.
+    #
+    # In our case we inspect the @method@ parameter and try to find the
+    # attribute, simple descendent or collection that it maps to in the XML
+    # tree.
+    def method_missing(method, *args)
+      # We could remove this check and return nil for any non-recognized tag.
+      # The problem would be that it would make tricky to debug problems with
+      # typos. For instance: <>.potr would return nil instead of raising an
+      # exception
+      unless supported_tags.include?(method)
+        super
+        return
+      end
+
+      method_name = method.to_s
+
+      # Then we try simple children tags: TITLE, LAST_UPDATE, CVSS_BASE...
+      tag = @xml.at_xpath("./#{method_name.upcase}")
+      if tag && !tag.text.blank?
+        if tags_with_html_content.include?(method)
+          return Qualys::cleanup_html(tag.text)
+        else
+          return tag.text
+        end
+      else
+        'n/a'
+      end
+    end
+
+    private
+    def tags_with_html_content
+      []
+    end
+  end
+end