We identified an issue with our web application firewall that was resulting in legitimate requests being identified as malicious. The offending rule has now been relaxed.