Vulnerability misses the overall CVSS score

[mauritsvanrees]

The original plone.org had this in the vulnerability view:

What is missing on the new plone.org:

• The contact information. See original template.
• The overall score. See original template , which gets the score (5.0) from a property on the content type and the scariness (medium) from the view, although that last part could easily be done in javascript as well.
• The nice colours to indicate how bad each item is. Note that "None" is sometimes good and sometimes bad. The template gets the css classes from the view, which gets them from vocabularies in the content type.

I would say the way it looks currently is okay for the moment, but should be fixed before we have a new hotfix.

• [ ] We need a restapi endpoint. What would be a good way to do this? Create a serialiser for the vulnerability type which includes all fields plus the above information? Of create an endpoint that specifically gets only the above missing info?
• [ ] A view in the Volto frontend to show this.

[sneridagh]

@mauritsvanrees it seems a good fit for enhancing the vulnerability serializer at first sight, specially if the code already exists in the backend, or implement all that logic in JS.