Page parameter failed firewall check
A user on our site was blocked by Shield. She got the message “Something in the URL, Form or Cookie data wasn’t appropriate.” In the Audit Trail Viewer I saw the message:
Page parameter failed firewall check. The offending parameter was "wordpress_logged_in_1{REDACTED}9" with a value of "{USERNAME}|1527931740|T{REDACTED}LFl0xA0fHz{REDACTED}k|4{REDACTED}1". Firewall Trigger: WordPress Terms. Firewall Block Response: Visitor connection was killed with wp_die() and a message.
(I changed the real username and cookie value a bit in the line above.)
In src/config/feature-firewall.php there is a regular expression, which is probably used to see if the value is dangerous in any way: “[^0-9]0x[0-9a-f][0-9a-f]”
As you can see in the part of the cookie value I left unchanged, the cookie value of this particular user happens to contain ‘l0xA0’, which is probably caught by the regex, causing the Shield plugin to block her.
Do you think the regex could/should be changed to no longer catch legitimate WordPress cookie values? Or do you think WordPress should actually not use cookie values with ‘0x’ in them?
Many thanks!
Sandra
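
The false positive described in this post can be reproduced and measured with the added example below, which is not part of the original post and is not Shield's code. Python is used only to exercise the quoted regex; the case-insensitive matching, the 43-character alphanumeric token, and all cookie values are assumptions constructed for illustration.

```python
import random
import re
import string

# Pattern as quoted in the post from src/config/feature-firewall.php.
RAW_PATTERN = r"[^0-9]0x[0-9a-f][0-9a-f]"
# Assumption: the firewall matches case-insensitively; 'l0xA0' only matches that way.
PATTERN = re.compile(RAW_PATTERN, re.IGNORECASE)

# Assumption: session tokens are 43 characters drawn from a-z, A-Z, 0-9.
TOKEN_ALPHABET = string.ascii_letters + string.digits
TOKEN_LENGTH = 43


def is_blocked(value: str) -> bool:
    """True if the value would trip the quoted pattern."""
    return PATTERN.search(value) is not None


def constructed_cookie(token: str) -> str:
    """Constructed value in the user|expiry|token|hash layout of the audit line."""
    return "exampleuser|1527931740|" + token + "|" + "ab" * 32


def false_positive_rate(samples: int = 20000, seed: int = 1) -> float:
    """Share of random, harmless tokens whose cookie value is blocked."""
    rng = random.Random(seed)  # seeded so the estimate is reproducible
    hits = 0
    for _ in range(samples):
        token = "".join(rng.choice(TOKEN_ALPHABET) for _ in range(TOKEN_LENGTH))
        if is_blocked(constructed_cookie(token)):
            hits += 1
    return hits / samples


if __name__ == "__main__":
    print(is_blocked(constructed_cookie("TqLFl0xA0fHzk")))  # fragment from the post
    print(is_blocked("10xA0"))  # digit before 0x: not matched
    print(f"{false_positive_rate():.4%} of random tokens are blocked")
```

Under these assumptions, roughly 0.2% of randomly generated tokens contain a sequence the pattern treats as a hex literal, so the block is a property of the rule rather than of this one user's cookie.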