Vulnerabilities identifier links point to the general documentation page (DAST API analyzer)

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

Close this issue

Summary

DAST API analyzer generates reports with Identifier links Framework Debug Mode. These are too generic and do not provide customers with useful information about the particular vulnerability that was detected.

These links should have information about the specific vulnerabilities detected, ideally they should lead to respective checks pages from documentation: https://docs.gitlab.com/ee/user/application_security/dast_api/checks/

Example Vulnerability

https://gitlab.com/gl-demo-ultimate-khrechyshkina/openapi-example/-/security/vulnerabilities/114424388

Output of checks

This bug happens on GitLab.com

Possible fixes

Edited Jun 13, 2025 by 🤖 GitLab Bot 🤖