diff --git a/ql/src/Security/CWE-643/XPathInjection.ql b/ql/src/Security/CWE-643/XPathInjection.ql
index b37efe8a1e5..ca6df0ff004 100644
--- a/ql/src/Security/CWE-643/XPathInjection.ql
+++ b/ql/src/Security/CWE-643/XPathInjection.ql
@@ -4,6 +4,7 @@
  *              malicious code by the user.
  * @kind path-problem
  * @problem.severity error
+ * @precision high
  * @id go/xml/xpath-injection
  * @tags security
  *       external/cwe/cwe-643