diff --git a/java/ql/src/experimental/Security/CWE/CWE-094/SpringImplicitViewManipulation.ql b/java/ql/src/experimental/Security/CWE/CWE-094/SpringImplicitViewManipulation.ql
index faef29d1fde..52b333de6d7 100644
--- a/java/ql/src/experimental/Security/CWE/CWE-094/SpringImplicitViewManipulation.ql
+++ b/java/ql/src/experimental/Security/CWE/CWE-094/SpringImplicitViewManipulation.ql
@@ -43,7 +43,7 @@ deprecated private predicate mayBeExploitable(Method m) {
 // hence, here we check for the param type to be a Java `String`.
 p.getType() instanceof TypeString and
 // Exclude cases where a regex check is applied on a parameter to prevent false positives.
- not m.(SpringRequestMappingMethod).getValue().matches("%{%:[%]%}%")
+ not m.(SpringRequestMappingMethod).getAValue().matches("%{%:[%]%}%")
 ) and
 not maybeATestMethod(m)
 }
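Review bot: On the added `getAValue()` line, the negation now means "no mapping value carries a regex constraint". A handler mapped to several paths is therefore dropped from the results as soon as one path has a `{name:[...]}` pattern, even when another path leaves the `String` parameter unconstrained. If `getAValue()` yields each element of the annotation's value array, as the name suggests, that is a false negative for multi-path mappings which the single-valued `getValue()` form did not have. Requiring every value to be constrained would keep the exclusion narrow: `not forex(string v | v = m.(SpringRequestMappingMethod).getAValue() | v.matches("%{%:[%]%}%"))`. The predicate body begins above this hunk, so how `p` is bound was not checked.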