diff --git a/javascript/ql/src/semmle/javascript/security/dataflow/CleartextLogging.qll b/javascript/ql/src/semmle/javascript/security/dataflow/CleartextLogging.qll
index 547ee674696..cb5e74ca05e 100644
--- a/javascript/ql/src/semmle/javascript/security/dataflow/CleartextLogging.qll
+++ b/javascript/ql/src/semmle/javascript/security/dataflow/CleartextLogging.qll
@@ -36,10 +36,8 @@ module CleartextLogging {
 override predicate isSanitizerEdge(DataFlow::Node pred, DataFlow::Node succ, DataFlow::FlowLabel lbl) {
 // Only unknown property reads on `process.env` propagate taint.
- not lbl instanceof ProcessEnvLabel and
+ (not lbl instanceof ProcessEnvLabel or exists(succ.(DataFlow::PropRead).getPropertyName())) and
 succ.(DataFlow::PropRead).getBase() = pred
- or
- exists(succ.(DataFlow::PropRead).getPropertyName())
 }
 override predicate isAdditionalFlowStep(
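Review bot: The new body of `isSanitizerEdge` still casts `succ` to `DataFlow::PropRead` twice and depends on the added parentheses to keep the `or` inside the conjunction, which is the same precedence trap the removed lines fell into (their trailing `or exists(...)` branch did not constrain `pred`). Binding the read once makes the scope explicit and harder to break in a later edit: `exists(DataFlow::PropRead read | read = succ and read.getBase() = pred |` followed by `not lbl instanceof ProcessEnvLabel or exists(read.getPropertyName()))`. An over-broad sanitizer edge silently suppresses cleartext-logging results, so a regression test for a flow that reaches a named property read from a predecessor that is not its base would pin the corrected behaviour. No test file is visible in this diff, so this may already be covered elsewhere.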