I am trying to collect confirmed vulnerabilities from all scanned applications. According to documentations page 357 I use filter
<Criteria field="webApp.name" operator="CONTAINS">-</Criteria>
According to documentation Qualys should reply for such API call with data which includes finding URL. Position in response is 'Finding/url ' but in reality the API response does not include it.
Calling each finding ID for search finding details is not an option as with limitation of API calls per hour it would take too long.