Made grammar changes

This commit is contained in:
thank_you
2021-04-06 13:42:57 -04:00
parent 6ade120983
commit ac31260fed

@@ -12,14 +12,14 @@
<p>
Because a user-controlled source is directly injected into the query, the malicious user can have complete control over the query itself.
When the query is executed they can commit different types of actions like bypass role restrictions or access and modify restricted data in the MongoDB database.
When the query is executed they can commit different types of actions like bypassing role restrictions or accessing and modifying restricted data in the MongoDB database.
</p>
</overview>
<recommendation>
<p>
NoSQL injection can be prevented by escaping the user input of special characters that is passed into the NoSQL query.
Alternatively using a sanitize library such as MongoSanitizer to sanitize user input will ensure that users who attempt to construct malicious queries in the user-supplied source is not executed.
NoSQL injections can be prevented by escaping user-input's special characters that are passed into the NoSQL query from the user-supplied source.
Alternatively using a sanitize library such as MongoSanitizer will ensure that user-supplied sources can not act as a malicious query.
</p>
<recommendation>
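Review bot: The rewritten first sentence of the recommendation is still hard to parse ("escaping user-input's special characters that are passed into the NoSQL query from the user-supplied source"). Something like "NoSQL injection can be prevented by escaping special characters in user-supplied input before it is passed into the NoSQL query." reads more clearly. In the second added sentence, "Alternatively" needs a comma after it, "can not" should be "cannot", and "a sanitize library" should be "a sanitization library". While this block is being touched, the context line that ends the hunk is an opening `<recommendation>` where the closing `</recommendation>` is expected, so the element is never closed.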
@@ -31,8 +31,7 @@
<example>
<references>
<li>OWASP NoSQL injection : <a href="https://owasp.org/www-pdf-archive/GOD16-NOSQL.pdf"></a>/>> </li>
<li>Security Stack Exchange Discussion : <a href="https://security.stackexchange.com/questions/83231/mongodb-nosql-injection-in-python-code"></a>/>> </li>
<li>OWASP: <a href="https://owasp.org/www-pdf-archive/GOD16-NOSQL.pdf">NoSQL Injection</a></li>
<li>Security Stack Exchange Discussion: <a href="https://security.stackexchange.com/questions/83231/mongodb-nosql-injection-in-python-code">Question 83231</a></li>
</references>
</qhelp>
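Review bot: The new link text "Question 83231" in the second reference tells the reader nothing about the target. Use a descriptive label instead, for example the topic already visible in the URL (MongoDB NoSQL injection in Python code). Moving the anchor text inside the `<a>` element and dropping the stray `/>>` is the right fix for both entries. The context line `<example>` directly above `<references>` is an opening tag with no closing tag visible in this hunk; check whether it was meant to be `</example>`.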