diff --git a/ql/src/Security/CWE-601/BadRedirectCheck.qhelp b/ql/src/Security/CWE-601/BadRedirectCheck.qhelp
index 54ca1ca78fa..b6036f4399b 100644
--- a/ql/src/Security/CWE-601/BadRedirectCheck.qhelp
+++ b/ql/src/Security/CWE-601/BadRedirectCheck.qhelp
@@ -14,14 +14,14 @@ also check the second character of redirect URLs.
 
 <recommendation>
 <p>
-Also disallow the patterns <code>//*</code> and <code>/\*</code> when checking redirect URLs.
+Also disallow redirect URLs starting with <code>//</code> or <code>/\</code>.
 </p>
 </recommendation>
 
 <example>
 <p>
 The following function validates a (presumably untrusted) redirect URL <code>redir</code>. If it
-does not begin with <code>/</code>, the harmless placeholder redirect URL, <code>/</code> is
+does not begin with <code>/</code>, the harmless placeholder redirect URL <code>/</code> is
 returned to prevent an open redirect; otherwise <code>redir</code> itself is returned.
 </p>
 <sample src="BadRedirectCheck.go"/>
diff --git a/ql/src/Security/CWE-601/BadRedirectCheck.ql b/ql/src/Security/CWE-601/BadRedirectCheck.ql
index c3365ffba0d..4d464ab8467 100644
--- a/ql/src/Security/CWE-601/BadRedirectCheck.ql
+++ b/ql/src/Security/CWE-601/BadRedirectCheck.ql
@@ -1,7 +1,7 @@
 /**
  * @name Bad redirect check
  * @description A redirect check that checks for a leading slash but not two
- *              leading slashes or a leading slash then backslash is
+ *              leading slashes or a leading slash followed by a backslash is
  *              incomplete.
  * @kind problem
  * @problem.severity warning