diff --git a/python/ql/lib/change-notes/2023-07-13-mad-xss.md b/python/ql/lib/change-notes/2023-07-13-mad-xss.md
new file mode 100644
index 00000000000..7d8e1543a5c
--- /dev/null
+++ b/python/ql/lib/change-notes/2023-07-13-mad-xss.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Add support for Models as Data for Reflected XSS query
\ No newline at end of file
diff --git a/python/ql/lib/semmle/python/security/dataflow/ReflectedXSSCustomizations.qll b/python/ql/lib/semmle/python/security/dataflow/ReflectedXSSCustomizations.qll
index 2229d0c758c..3e6f74c84cd 100644
--- a/python/ql/lib/semmle/python/security/dataflow/ReflectedXSSCustomizations.qll
+++ b/python/ql/lib/semmle/python/security/dataflow/ReflectedXSSCustomizations.qll
@@ -7,6 +7,7 @@
 private import python
 private import semmle.python.dataflow.new.DataFlow
 private import semmle.python.Concepts
+private import semmle.python.frameworks.data.ModelsAsData
 private import semmle.python.dataflow.new.RemoteFlowSources
 private import semmle.python.dataflow.new.BarrierGuards
 
@@ -43,6 +44,15 @@ module ReflectedXss {
    */
   class RemoteFlowSourceAsSource extends Source, RemoteFlowSource { }
 
+  /**
+   * A data flow sink for "reflected cross-site scripting" vulnerabilities.
+   */
+  private class SinkFromModel extends Sink {
+    SinkFromModel() {
+      this = ModelOutput::getASinkNode(["html-injection", "js-injection"]).asSink()
+    }
+  }
+
   /**
    * The body of a HTTP response that will be returned from a server, considered as a flow sink.
    */
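Review bot: The QLDoc on the added `SinkFromModel` class in the second hunk of ReflectedXSSCustomizations.qll only repeats the generic description of a reflected-XSS sink, so a reader cannot tell that this sink is populated from Models as Data or which sink kinds it consumes. Suggest `/** A node modelled as an "html-injection" or "js-injection" sink via Models as Data, considered as a flow sink. */`, which also matches the wording of the neighbouring sink's doc ("..., considered as a flow sink."). Since "js-injection" presumably also covers sinks that are not HTML output, a short sentence in that doc explaining why both kinds are treated as reflected XSS would help future maintainers tune the kinds list. The enclosing `module ReflectedXss` starts and ends outside the hunk.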