diff --git a/python/ql/src/experimental/Security/CWE-614/InsecureCookie.qhelp b/python/ql/src/experimental/Security/CWE-614/InsecureCookie.qhelp
index ab5e3031629..97df2e49e13 100644
--- a/python/ql/src/experimental/Security/CWE-614/InsecureCookie.qhelp
+++ b/python/ql/src/experimental/Security/CWE-614/InsecureCookie.qhelp
@@ -23,4 +23,4 @@ secure flag and the second adds the secure flag in the cookie's raw value.
PortSwigger: TLS cookie without secure flag set.
-
\ No newline at end of file
+
diff --git a/python/ql/src/experimental/Security/CWE-614/InsecureCookie.ql b/python/ql/src/experimental/Security/CWE-614/InsecureCookie.ql
index bf0ff22d45e..ee22243e5c3 100644
--- a/python/ql/src/experimental/Security/CWE-614/InsecureCookie.ql
+++ b/python/ql/src/experimental/Security/CWE-614/InsecureCookie.ql
@@ -13,15 +13,16 @@
import python
import semmle.python.dataflow.new.DataFlow
import experimental.semmle.python.Concepts
+import experimental.semmle.python.CookieHeader
from Cookie cookie, string alert
where
- cookie.isSecure() and
+ not cookie.isSecure() and
alert = "secure"
or
not cookie.isHttpOnly() and
alert = "httponly"
or
- cookie.isSameSite() and
+ not cookie.isSameSite() and
alert = "samesite"
select cookie, "Cookie is added without the ", alert, " flag properly set."
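Review bot: The `select` on the last line of the hunk still passes the flag name as separate columns instead of building it into the message, so even with the corrected `not cookie.isSecure()` and `not cookie.isSameSite()` conditions the alert may render as just "Cookie is added without the ". If this is a `@kind problem` query (the metadata sits above the hunk, so this is inferred), the trailing `alert, " flag properly set."` columns are read as a `$@` placeholder pair, and the message contains no placeholder. Concatenating keeps the missing attribute visible to whoever triages the result: `select cookie, "Cookie is added without the " + alert + " flag properly set."`. Separately, the added `import experimental.semmle.python.CookieHeader` is not referenced by name in the visible lines. If it is there only to bring extra `Cookie` models into scope, a one-line comment saying so would stop it being removed later as unused.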