diff --git a/java/ql/src/Security/CWE/CWE-094/MvelInjection.qhelp b/java/ql/src/Security/CWE/CWE-094/MvelInjection.qhelp index d68d298b5f5..b42ab142fd8 100644 --- a/java/ql/src/Security/CWE/CWE-094/MvelInjection.qhelp +++ b/java/ql/src/Security/CWE/CWE-094/MvelInjection.qhelp @@ -3,11 +3,11 @@

-MVEL is an expression language based on Java-syntax. -The language offers many features +MVEL is an expression language based on Java-syntax, +which offers many features including invocation of methods available in the JVM. If a MVEL expression is built using attacker-controlled data, -and then evaluated, then it may allow the attacker to run arbitrary code. +and then evaluated, then it may allow attackers to run arbitrary code.

@@ -35,4 +35,4 @@ and then runs it in the default powerfull context. Expression Language Injection. - \ No newline at end of file +
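Review bot: In the second hunk (@@ -35,4 +35,4 @@), the context line "and then runs it in the default powerfull context." misspells "powerful". Since this change already touches the end of the file to add the missing trailing newline, the typo can be fixed in the same commit.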