Question regarding a web application vulnerability discovered during a web application vulnerability scan.