Update the vulnerability export to allow the user to select the exported ref

The current vulnerability export functionality does not allow for the application of parameters from the frontend.

As a result, and to the surprise of many users, despite the filters applied to the frontend, the resulting export contains all the project vulnerabilities.

As vulnerabilities will now exist (and likely duplicate) across multiple branches, users need to be able to choose their desired branch for export (or otherwise this context should be gathered from the currently applied filters on the report.

The vulnerability export already uses the VulnerabilityReadsFinder which can be scope by further filter parameters. It may be worthwhile to hit two birds with one stone and just enable the API to accept general filter parameters that the report supports for the export.