DAST report contains an array for the `site` property instead of an unique object and shows no vulnerabilities in Security Project dashboard
I've been testing Security features with my pet project and ran into an issue when DAST job found vulnerabilities but they ain't shown in the Security Project dashboard.
Steps to reproduce
- Run DAST job on
masterbranch, be sure that in logs of the job you see reported vulnerabilities.
- Go to Security Project Dashboard to observe found DAST vulnerabilities.
- Go to Network tab in browser's Developer tools and find a response for
- Make sure that this response isn't empty.
What is the current bug behavior?
DAST detected no vulnerabilities
What is the expected correct behavior?
Found DAST vulnerabilities in Security Project Dashboard
Relevant logs and/or screenshots
Output of checks
This bug happens on GitLab.com
DAST report is providing an array value for
site property while we expect an object.
We should update the frontend parser to handle both cases.