diff --git a/pkg/webhook/clusteroverridepolicy/validating.go b/pkg/webhook/clusteroverridepolicy/validating.go
index aa91f889e974..f9185d4c7330 100644
--- a/pkg/webhook/clusteroverridepolicy/validating.go
+++ b/pkg/webhook/clusteroverridepolicy/validating.go
@@ -32,7 +32,7 @@ func (v *ValidatingAdmission) Handle(_ context.Context, req admission.Request) a
 
 	if errs := validation.ValidateOverrideSpec(&policy.Spec); len(errs) != 0 {
 		klog.Error(errs)
-		return admission.Denied(errs.ToAggregate().Error())
+		return admission.Errored(http.StatusBadRequest, errs.ToAggregate())
 	}
 
 	return admission.Allowed("")
diff --git a/pkg/webhook/clusterpropagationpolicy/validating.go b/pkg/webhook/clusterpropagationpolicy/validating.go
index b369c24bce90..52be4ce3ab52 100644
--- a/pkg/webhook/clusterpropagationpolicy/validating.go
+++ b/pkg/webhook/clusterpropagationpolicy/validating.go
@@ -42,14 +42,14 @@ func (v *ValidatingAdmission) Handle(_ context.Context, req admission.Request) a
 		if policy.Spec.SchedulerName != oldPolicy.Spec.SchedulerName {
 			err = fmt.Errorf("the schedulerName should not be updated")
 			klog.Error(err)
-			return admission.Denied(err.Error())
+			return admission.Errored(http.StatusBadRequest, err)
 		}
 	}
 
 	errs := validation.ValidatePropagationSpec(policy.Spec)
 	if len(errs) != 0 {
 		klog.Error(errs)
-		return admission.Denied(errs.ToAggregate().Error())
+		return admission.Errored(http.StatusBadRequest, errs.ToAggregate())
 	}
 	return admission.Allowed("")
 }
diff --git a/pkg/webhook/configuration/validating.go b/pkg/webhook/configuration/validating.go
index e466d1bf41b0..6073e20a84f9 100644
--- a/pkg/webhook/configuration/validating.go
+++ b/pkg/webhook/configuration/validating.go
@@ -48,7 +48,7 @@ func (v *ValidatingAdmission) Handle(_ context.Context, req admission.Request) a
 
 	if len(allErrors) != 0 {
 		klog.Error(allErrors.ToAggregate())
-		return admission.Denied(allErrors.ToAggregate().Error())
+		return admission.Errored(http.StatusBadRequest, allErrors.ToAggregate())
 	}
 
 	return admission.Allowed("")
diff --git a/pkg/webhook/cronfederatedhpa/validation.go b/pkg/webhook/cronfederatedhpa/validation.go
index 4a9e7cc7a323..cfa8004ee35c 100755
--- a/pkg/webhook/cronfederatedhpa/validation.go
+++ b/pkg/webhook/cronfederatedhpa/validation.go
@@ -58,7 +58,7 @@ func (v *ValidatingAdmission) Handle(_ context.Context, req admission.Request) a
 	errs = append(errs, validateCronFederatedHPASpec(&cronFHPA.Spec, field.NewPath("spec"))...)
 
 	if len(errs) != 0 {
-		return admission.Denied(errs.ToAggregate().Error())
+		return admission.Errored(http.StatusBadRequest, errs.ToAggregate())
 	}
 	return admission.Allowed("")
 }
diff --git a/pkg/webhook/federatedhpa/validation.go b/pkg/webhook/federatedhpa/validation.go
index 3be59d99d250..5517c30adfce 100644
--- a/pkg/webhook/federatedhpa/validation.go
+++ b/pkg/webhook/federatedhpa/validation.go
@@ -32,7 +32,7 @@ func (v *ValidatingAdmission) Handle(_ context.Context, req admission.Request) a
 
 	if errs := lifted.ValidateFederatedHPA(fhpa); len(errs) != 0 {
 		klog.Errorf("%v", errs)
-		return admission.Denied(errs.ToAggregate().Error())
+		return admission.Errored(http.StatusBadRequest, errs.ToAggregate())
 	}
 
 	return admission.Allowed("")
diff --git a/pkg/webhook/federatedresourcequota/validating.go b/pkg/webhook/federatedresourcequota/validating.go
index 7a9b531138dc..fb7d60111cdf 100644
--- a/pkg/webhook/federatedresourcequota/validating.go
+++ b/pkg/webhook/federatedresourcequota/validating.go
@@ -37,7 +37,7 @@ func (v *ValidatingAdmission) Handle(_ context.Context, req admission.Request) a
 
 	if errs := validateFederatedResourceQuota(quota); len(errs) != 0 {
 		klog.Errorf("%v", errs)
-		return admission.Denied(errs.ToAggregate().Error())
+		return admission.Errored(http.StatusBadRequest, errs.ToAggregate())
 	}
 
 	return admission.Allowed("")
diff --git a/pkg/webhook/multiclusteringress/validating.go b/pkg/webhook/multiclusteringress/validating.go
index 4270c9e0099d..915b74d089c1 100644
--- a/pkg/webhook/multiclusteringress/validating.go
+++ b/pkg/webhook/multiclusteringress/validating.go
@@ -41,12 +41,12 @@ func (v *ValidatingAdmission) Handle(_ context.Context, req admission.Request) a
 		}
 		if errs := validateMCIUpdate(oldMci, mci); len(errs) != 0 {
 			klog.Errorf("%v", errs)
-			return admission.Denied(errs.ToAggregate().Error())
+			return admission.Errored(http.StatusBadRequest, errs.ToAggregate())
 		}
 	} else {
 		if errs := validateMCI(mci); len(errs) != 0 {
 			klog.Errorf("%v", errs)
-			return admission.Denied(errs.ToAggregate().Error())
+			return admission.Errored(http.StatusBadRequest, errs.ToAggregate())
 		}
 	}
 	return admission.Allowed("")
diff --git a/pkg/webhook/multiclusterservice/validating.go b/pkg/webhook/multiclusterservice/validating.go
index 45319474406a..16e549e620f1 100644
--- a/pkg/webhook/multiclusterservice/validating.go
+++ b/pkg/webhook/multiclusterservice/validating.go
@@ -44,12 +44,12 @@ func (v *ValidatingAdmission) Handle(ctx context.Context, req admission.Request)
 		}
 		if errs := v.validateMCSUpdate(oldMcs, mcs); len(errs) != 0 {
 			klog.Errorf("Validating MultiClusterServiceUpdate failed: %v", errs)
-			return admission.Denied(errs.ToAggregate().Error())
+			return admission.Errored(http.StatusBadRequest, errs.ToAggregate())
 		}
 	} else {
 		if errs := v.validateMCS(mcs); len(errs) != 0 {
 			klog.Errorf("Validating MultiClusterService failed: %v", errs)
-			return admission.Denied(errs.ToAggregate().Error())
+			return admission.Errored(http.StatusBadRequest, errs.ToAggregate())
 		}
 	}
 	return admission.Allowed("")
diff --git a/pkg/webhook/overridepolicy/validating.go b/pkg/webhook/overridepolicy/validating.go
index b126717e174f..8e0bd9c777ba 100644
--- a/pkg/webhook/overridepolicy/validating.go
+++ b/pkg/webhook/overridepolicy/validating.go
@@ -32,7 +32,7 @@ func (v *ValidatingAdmission) Handle(_ context.Context, req admission.Request) a
 
 	if errs := validation.ValidateOverrideSpec(&policy.Spec); len(errs) != 0 {
 		klog.Error(errs)
-		return admission.Denied(errs.ToAggregate().Error())
+		return admission.Errored(http.StatusBadRequest, errs.ToAggregate())
 	}
 
 	return admission.Allowed("")
diff --git a/pkg/webhook/propagationpolicy/validating.go b/pkg/webhook/propagationpolicy/validating.go
index 69f727b4231d..92a6c0f6d1f6 100644
--- a/pkg/webhook/propagationpolicy/validating.go
+++ b/pkg/webhook/propagationpolicy/validating.go
@@ -42,14 +42,14 @@ func (v *ValidatingAdmission) Handle(_ context.Context, req admission.Request) a
 		if policy.Spec.SchedulerName != oldPolicy.Spec.SchedulerName {
 			err = fmt.Errorf("the schedulerName should not be updated")
 			klog.Error(err)
-			return admission.Denied(err.Error())
+			return admission.Errored(http.StatusBadRequest, err)
 		}
 	}
 
 	errs := validation.ValidatePropagationSpec(policy.Spec)
 	if len(errs) != 0 {
 		klog.Error(errs)
-		return admission.Denied(errs.ToAggregate().Error())
+		return admission.Errored(http.StatusBadRequest, errs.ToAggregate())
 	}
 	return admission.Allowed("")
 }
diff --git a/pkg/webhook/resourceinterpretercustomization/validating.go b/pkg/webhook/resourceinterpretercustomization/validating.go
index e6edac74de6b..ed4050fd04d7 100644
--- a/pkg/webhook/resourceinterpretercustomization/validating.go
+++ b/pkg/webhook/resourceinterpretercustomization/validating.go
@@ -35,7 +35,7 @@ func (v *ValidatingAdmission) Handle(ctx context.Context, req admission.Request)
 		return admission.Errored(http.StatusInternalServerError, err)
 	}
 	if err = validateResourceInterpreterCustomizations(configuration, configs); err != nil {
-		return admission.Denied(err.Error())
+		return admission.Errored(http.StatusBadRequest, err)
 	}
 	return admission.Allowed("")
 }