Conversation
@valentijnscholten valentijnscholten commented Dec 26, 2025

The try-except here was catching all exceptions, which would hide any structural problems like missing columns due to migration problems, as it was swallowing the errors and returning a default System_Settings object.

I tried catching only specific errors or returning None instead, but this would break startup in too many places and would prevent users from being able to start any container to go into and fix problems.

This PR now adds displaying of error messages in the UI to make it clear "something is wrong".


Refactor get_from_db method to handle specific exception.
@valentijnscholten valentijnscholten added this to the 2.54.0 milestone Dec 26, 2025
@valentijnscholten valentijnscholten changed the title Handle System_Settings.DoesNotExist in get_from_db Handle System_Settings.DoesNotExist in middleware Dec 26, 2025
@valentijnscholten valentijnscholten changed the title Handle System_Settings.DoesNotExist in middleware Handle System_Settings errors better in middleware Dec 26, 2025
DryRun Security

This pull request includes code that catches all exceptions during a database lookup and displays the raw exception string (str(e)) to users, risking information disclosure of sensitive infrastructure details (hostnames, usernames, schema info). The issue is non-blocking but should be fixed to log detailed errors internally and show a generic, non-sensitive message to users.

Information Disclosure via Detailed Error Message in dojo/middleware.py
Vulnerability Information Disclosure via Detailed Error Message
Description The code catches all exceptions during a database lookup and captures the raw exception string (str(e)) to be displayed to the user via a warning message. Database exceptions often contain sensitive infrastructure details (hostnames, user names, schema info) that should not be exposed to end users, especially unauthenticated ones.

    error_msg = str(e)
    if hasattr(DojoSytemSettingsMiddleware._thread_local, "system_settings_error"):
        # Only store the first error to avoid duplicates
        pass


All finding details can be found in the DryRun Security Dashboard.
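As an added illustration (not code from this PR or from DefectDojo), the pattern the finding describes is shown next to a hardened variant: the full exception goes to the server log under a short reference id, the thread-local still keeps only the first error, and the user only ever sees a generic message carrying that id. The class name, the `FakeDbError` type and the `leak_details` switch are hypothetical stand-ins for the real middleware.

```python
import logging
import threading
import uuid

logger = logging.getLogger(__name__)


class FakeDbError(Exception):
    """Constructed stand-in for a DB driver error whose text carries infra details."""


class SettingsErrorState:
    """Hypothetical stand-in for the middleware's per-request error storage."""

    _thread_local = threading.local()

    @classmethod
    def record_error(cls, exc: Exception, *, leak_details: bool = False) -> str:
        # Keep only the first error per thread so the UI does not repeat it.
        if hasattr(cls._thread_local, "system_settings_error"):
            return cls._thread_local.system_settings_error
        ref = uuid.uuid4().hex[:8]
        # Full detail (message + traceback) is logged server-side, keyed by ref.
        logger.error("System_Settings load failed [ref %s]: %s", ref, exc, exc_info=exc)
        if leak_details:
            # The pattern DryRun flagged: raw str(e) reaches the browser.
            msg = f"Could not load System Settings: {exc}"
        else:
            # Hardened: generic text plus the reference an admin can grep for.
            msg = f"Could not load System Settings (error ref {ref}); see server log."
        cls._thread_local.system_settings_error = msg
        return msg

    @classmethod
    def reset(cls) -> None:
        # Called at the end of a request so the next one starts clean.
        if hasattr(cls._thread_local, "system_settings_error"):
            del cls._thread_local.system_settings_error


def simulate_request(leak_details: bool) -> str:
    """Raise a constructed DB error and return the message a user would see."""
    SettingsErrorState.reset()
    try:
        raise FakeDbError('relation "dojo_system_settings" has no column "foo" '
                          "(host=db-internal.example, user=dojo_app)")
    except Exception as e:  # broad catch, as in the middleware
        return SettingsErrorState.record_error(e, leak_details=leak_details)
```

Running `simulate_request(True)` shows the hostname and DB user in the user-facing text; `simulate_request(False)` shows only the reference id.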
