diff --git a/java/ql/src/Security/CWE/CWE-352/SpringCSRFProtection.ql b/java/ql/src/Security/CWE/CWE-352/SpringCSRFProtection.ql
index f41532c8e07..9529aa9aabf 100644
--- a/java/ql/src/Security/CWE/CWE-352/SpringCSRFProtection.ql
+++ b/java/ql/src/Security/CWE/CWE-352/SpringCSRFProtection.ql
@@ -12,11 +12,11 @@ import java
-from MethodAccess call, Method method
+from MethodAccess call
 where
- call.getMethod() = method and
- method.hasName("disable") and
- method.getDeclaringType().getQualifiedName().regexpMatch(
- "org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer,.*>"
+ call.getMethod().hasName("disable") and
+ call.getReceiverType().hasQualifiedName(
+ "org.springframework.security.config.annotation.web.configurers",
+ "CsrfConfigurer"
 )
 select call, "CSRF vulnerability due to protection being disabled."
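Review bot: The receiver of `http.csrf().disable()` is the parameterized type `CsrfConfigurer<HttpSecurity>`, and if `hasQualifiedName` on the added `call.getReceiverType()` line compares against the parameterized name rather than the generic declaration, the query may stop matching the very call it targets — whereas the removed regex at least tolerated type arguments. Safer is `call.getReceiverType().getSourceDeclaration().hasQualifiedName(` with the same package/name arguments, or `getASourceSupertype*()` if subclasses of the configurer should count too; a test fixture with a `CsrfConfigurer<HttpSecurity>` receiver would settle this. Separately, the query is keyed on a `MethodAccess`, so the Spring Security 6 lambda-DSL form `http.csrf(AbstractHttpConfigurer::disable)` (a method reference, not a call) is presumably not reported; if that gap is accepted, add `// Only direct calls to disable() are reported; method-reference forms such as csrf(AbstractHttpConfigurer::disable) are not covered` above the `where` clause, otherwise extend the `from` clause to also consider `MemberRefExpr`.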