diff --git a/java/ql/src/Security/CWE/CWE-940/AndroidIntentRedirection.qhelp b/java/ql/src/Security/CWE/CWE-940/AndroidIntentRedirection.qhelp index eb3f61f3bb5..47ba77b6e25 100644 --- a/java/ql/src/Security/CWE/CWE-940/AndroidIntentRedirection.qhelp +++ b/java/ql/src/Security/CWE/CWE-940/AndroidIntentRedirection.qhelp @@ -6,14 +6,15 @@ on behalf of the victim app.

-

Do not export compontents that start other components from a user-provided Intent. +

Do not export components that start other components from a user-provided Intent. They can be made private by setting the android:exported property to false in the app's Android Manifest.

If this is not possible, restrict either which apps can send Intents to the affected component, or which components can be started from it.

The following snippet contains two examples. In the first example, an arbitrary component can be started from the externally provided forward_intent Intent. - In the second example, the destination component of the Intent is first checked to make sure it is safe.

+ In the second example, the destination component of the Intent is first checked to make sure it is safe. + In the third example, the component that created the Intent is first checked to make sure it comes from a trusted origin.
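Review bot: The count in the lead sentence is now wrong: the hunk adds "In the third example, the component that created the Intent is first checked to make sure it comes from a trusted origin" but leaves the unchanged context line "The following snippet contains two examples." Update it to "The following snippet contains three examples." in the same hunk so the qhelp text matches the number of examples it describes. The typo fix ("compontents" to "components") and the split of the second-example sentence onto its own line look fine.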