SonarQube version: 7.3 Community License
Some issues are not included in Security Reports after analysis, it display inside the Not OWASP group even they are tagged as
owasp-a1...10 as screenshot below.
Why is it like that? What kind of issue that will be included to the Security Reports?