Vulnerability Audit: Display Risk Score Column For Grouped Vulnerabilities

Open msymons opened this issue 1 year ago • 0 comments

Current Behavior

The Vulnerability Audit Screen has a column that displays the count of affected projects for each vulnerability. It really is useful to see (say) that vulnerability A affects 150 projects and vulnerabilities B and C each affect 20.

However, this does not take weighted risk score into account, i.e., where A and C are both low severity (score = 1) and B is critical (score = 10).

In this example, risk scores would be 150 for A, 200 for B, 20 for C.

Having this information missing from the "Grouped Vulnerabilities" Audit screen thus makes it harder to audit based on risk.

Proposed Behavior

Add Risk Score Column to the "Grouped Vulnerabilities" Audit Screen. The column needs to be sortable.

Checklist

msymons, Jun 20 '24 01:06