Hi,
Our last security scan did not detect any SQL injection vulnerability on the Bonita login.
I would be interested to discuss the matter directly with you, so that you can help me understand what you found. I'll make sure someone contacts you directly in private.
Captain Bonita