Added one more example to the qhelp

ruby/ql/src/experimental/cwe-176/UnicodeBypassValidation.qhelp

@@ -23,6 +23,18 @@
 
         <sample src="./examples/unicode_normalization.rb" />
 
+    </example>
+    <example>
+
+        <p> The next example shows how an early deletion of a character may be bypassed due to a
+            potential Unicode character collision.</p>
+        <p>The character <code>&lt;</code> was expected to be omitted from the string <code>s</code>.
+            However, a malicious user may consider using its colliding Unicode character U+FE64 <code>
+            ﹤</code> as an alternative. Due to the Late-Unicode normalization with the form NFKC,
+            the resulting string would contain the unintended character <code>&lt;</code> . </p>
+
+        <sample src="./examples/unicode_normalization2.rb" />
+
     </example>
     <references>
         <li> Research study: <a

ruby/ql/src/experimental/cwe-176/examples/unicode_normalization2.rb

@@ -0,0 +1,2 @@
+s = "﹤xss>"
+puts s.delete("<").unicode_normalize(:nfkc).include?("<")