diff --git a/javascript/ql/experimental/adaptivethreatmodeling/src/TaintedPathATM.ql b/javascript/ql/experimental/adaptivethreatmodeling/src/TaintedPathATM.ql
index 7e637687d75..ab9c1eae600 100644
--- a/javascript/ql/experimental/adaptivethreatmodeling/src/TaintedPathATM.ql
+++ b/javascript/ql/experimental/adaptivethreatmodeling/src/TaintedPathATM.ql
@@ -25,7 +25,8 @@ from DataFlow::Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode
 where
 cfg.hasFlowPath(source, sink) and
 not isFlowLikelyInBaseQuery(source.getNode(), sink.getNode()) and
- score = getScoreForFlow(source.getNode(), sink.getNode())
+ score = getScoreForFlow(source.getNode(), sink.getNode()) and
+ sink.getNode().getStartLine() % 2 = 0
 select sink.getNode(), source, sink,
 "(Experimental) This may be a path that depends on $@. Identified using machine learning.",
 source.getNode(), "a user-provided value", score
diff --git a/javascript/ql/experimental/adaptivethreatmodeling/src/XssATM.ql b/javascript/ql/experimental/adaptivethreatmodeling/src/XssATM.ql
index d0e98c1cd54..5f2d8061aed 100644
--- a/javascript/ql/experimental/adaptivethreatmodeling/src/XssATM.ql
+++ b/javascript/ql/experimental/adaptivethreatmodeling/src/XssATM.ql
@@ -22,7 +22,8 @@ from DataFlow::Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode
 where
 cfg.hasFlowPath(source, sink) and
 not isFlowLikelyInBaseQuery(source.getNode(), sink.getNode()) and
- score = getScoreForFlow(source.getNode(), sink.getNode())
+ score = getScoreForFlow(source.getNode(), sink.getNode()) and
+ sink.getNode().getStartLine() % 2 = 0
 select sink.getNode(), source, sink,
 "(Experimental) This may be a cross-site scripting vulnerability due to $@. Identified using machine learning.",
 source.getNode(), "a user-provided value", score
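Review bot: The new conjunct `sink.getNode().getStartLine() % 2 = 0` at the end of the `where` clause in TaintedPathATM.ql drops every flow whose sink starts on an odd-numbered line, a criterion unrelated to whether the flow is a real path-injection risk, so roughly half of the alerts disappear with no indication in the alert message. The identical conjunct is added in the XssATM.ql hunk, with the same effect on cross-site scripting results. This looks like a deliberate perturbation for exercising result comparison rather than a precision improvement, though the diff gives no rationale; if so, it should not land in the shipped queries. At minimum the line needs a comment such as `// TEMPORARY: keeps only even-line sinks to test result diffing; remove before merge`, and the safer fix is to restore `score = getScoreForFlow(source.getNode(), sink.getNode())` as the final conjunct. The `from` clause is cut off in the hunk header, so the declarations of `sink` and `score` are not visible here.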