Apply suggestions from code review

Co-authored-by: Esben Sparre Andreasen <esbena@github.com>
Erik Krogh Kristensen
2021-05-06 21:55:30 +02:00
committed by GitHub
parent 3815797dda
commit 2d1ba59e6d
2 changed files with 3 additions and 3 deletions

@@ -4,7 +4,7 @@
<qhelp>
<overview>
<p>
Dynamically constructing HTML with inputs from exported functions may
Dynamically constructing HTML with inputs from library functions may
inadvertently leave a client open to XSS attacks.
Clients using the exported function may use inputs containing unsafe HTML,
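Review bot: The trailing context line still reads "Clients using the exported function", so after this edit the overview uses "library functions" in one sentence and "exported function" in the next. Pick one term for the whole paragraph, for example by changing that line to "Clients using the library function", so readers do not take them for two different kinds of input source.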
@@ -28,7 +28,7 @@
<example>
<p>
The following example shows a library function that shows a boldface name
The following example has a library function that renders a boldface name
by writing to the <code>innerHTML</code> property of an element.
</p>

@@ -1,7 +1,7 @@
/**
* @name Unsafe HTML constructed from library input
* @description Using externally controlled strings to construct HTML might allow a malicious
* user to perform an cross-site scripting attack.
* user to perform a cross-site scripting attack.
* @kind path-problem
* @problem.severity error
* @precision high
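Review bot: The @description text around the corrected line speaks of "externally controlled strings", while @name two lines up says "library input". Consider phrasing the description in terms of library inputs as well, so both metadata fields name the same source and the query is easier to tell apart from a general XSS query in result listings. The article fix from "an" to "a" is correct as it stands.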