diff --git a/ql/src/experimental/CWE-352/ConstantOauth2State.qhelp b/ql/src/experimental/CWE-352/ConstantOauth2State.qhelp
index 2e23f288718..4d14d003781 100644
--- a/ql/src/experimental/CWE-352/ConstantOauth2State.qhelp
+++ b/ql/src/experimental/CWE-352/ConstantOauth2State.qhelp
@@ -10,7 +10,7 @@
     </overview>
     <recommendation>
         <p>
-            Always include a unique, non-guessable <code>state</code> value to the <code>AuthCodeURL</code> that is also bound to the user's authenticated state, and then validated in the redirect callback.
+            Always include a unique, non-guessable <code>state</code> value (provided to the call to <code>AuthCodeURL</code> function) that is also bound to the user's authenticated state with each authentication request, and then validated in the redirect callback.
         </p>
     </recommendation>
     <example>
diff --git a/ql/src/experimental/CWE-352/ConstantOauth2State.ql b/ql/src/experimental/CWE-352/ConstantOauth2State.ql
index 7cb5d292a28..e6c8aef4d1b 100644
--- a/ql/src/experimental/CWE-352/ConstantOauth2State.ql
+++ b/ql/src/experimental/CWE-352/ConstantOauth2State.ql
@@ -12,12 +12,22 @@
 import go
 import DataFlow::PathGraph
 
+/*
+ * A method that creates a new URL that will send the user
+ * to the oauth2 authorization dialog of the provider.
+ */
+
 class AuthCodeURL extends Method {
   AuthCodeURL() { this.hasQualifiedName("golang.org/x/oauth2", "Config", "AuthCodeURL") }
 }
 
-class FlowConf extends TaintTracking::Configuration {
-  FlowConf() { this = "FlowConf" }
+/*
+ * A flow of a constant string value to a call to AuthCodeURL as the
+ * `state` parameter.
+ */
+
+class ConstantStateFlowConf extends TaintTracking::Configuration {
+  ConstantStateFlowConf() { this = "ConstantStateFlowConf" }
 
   predicate isSource(DataFlow::Node source, Literal state) {
     state.isConst() and source.asExpr() = state
@@ -32,7 +42,7 @@ class FlowConf extends TaintTracking::Configuration {
   override predicate isSink(DataFlow::Node sink) { isSink(sink, _) }
 }
 
-from FlowConf cfg, DataFlow::PathNode source, DataFlow::PathNode sink
+from ConstantStateFlowConf cfg, DataFlow::PathNode source, DataFlow::PathNode sink
 where cfg.hasFlowPath(source, sink)
 select sink.getNode(), source, sink, "Using a constant $@ to create oauth2 URLs.", source.getNode(),
   "state string"