Remove `message` field from Vulnerability GraphQL type and CSV export

Why are we doing this work?

Since security report schema no longer contains the message field, and we deprecated the message argument in the VulnerabilityCreate GraphQL mutation, we can remove that field from GraphQL API or CSV export.

Implementation plan

1. Remove message argument from VulnerabilityCreate GraphQL mutation
2. Remove message field and method from Vulnerability GraphQL type
3. Remove finding_message from ee/app/services/vulnerability_exports/exporters/csv_service.rb
4. Adjust specs