Add project field to VulnerabilityType

What does this MR do?

This field is required to show each vulnerability's project on the group and instance security dashboard.

#214269 (closed)

Does this MR meet the acceptance criteria?

Conformity

• Changelog entry
• Documentation (if required)
• Code review guidelines
• Merge request performance guidelines
• Style guides
• Database guides
• Separation of EE specific content

Availability and Testing

• Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.

Closes #214269 (closed)