From 2d3e42e6d66aacf8c20609fae964040fa5278b2f Mon Sep 17 00:00:00 2001 From: Erik Krogh Kristensen Date: Mon, 20 Apr 2020 11:50:46 +0200 Subject: [PATCH] update qhelp for xss-through-dom Co-Authored-By: Asger F --- javascript/ql/src/Security/CWE-079/XssThroughDom.qhelp | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/javascript/ql/src/Security/CWE-079/XssThroughDom.qhelp b/javascript/ql/src/Security/CWE-079/XssThroughDom.qhelp index 297e3739fee..ca99672f4a5 100644 --- a/javascript/ql/src/Security/CWE-079/XssThroughDom.qhelp +++ b/javascript/ql/src/Security/CWE-079/XssThroughDom.qhelp @@ -5,8 +5,7 @@

-Writing text from a webpage to the same webpage without properly sanitizing the -input first, might allow for a cross-site scripting vulnerability. +Extracting text from a DOM node and interpreting it as HTML can lead to a cross-site scripting vulnerability.

A webpage with this vulnerability unescapes an otherwise sanitized text,
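Review bot: The replacement overview sentence ("Extracting text from a DOM node and interpreting it as HTML can lead to ...") drops the reference to sanitizing that the removed wording had, yet the unchanged sentence right after it still speaks of "an otherwise sanitized text", so the reader meets "sanitized" with nothing before it to set it up. Consider linking the two sentences, for example by stating that the text read back from the DOM node is the unescaped form of content that was escaped when it was written to the page, and that it needs escaping again before it is used as HTML. Since the change already touches this paragraph, the trailing context line could also be tightened to "unescapes otherwise sanitized text".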