diff --git a/cpp/ql/src/Security/CWE/CWE-497/PotentiallyExposedSystemData.ql b/cpp/ql/src/Security/CWE/CWE-497/PotentiallyExposedSystemData.ql
index ecfcbed1eca..d418211733f 100644
--- a/cpp/ql/src/Security/CWE/CWE-497/PotentiallyExposedSystemData.ql
+++ b/cpp/ql/src/Security/CWE/CWE-497/PotentiallyExposedSystemData.ql
@@ -42,8 +42,8 @@ class PotentiallyExposedSystemDataConfiguration extends TaintTracking::Configura
     exists(OutputWrite ow, Expr child | child = ow.getASource().getAChild*() |
       // Most sinks receive a pointer as an argument (for example `printf`),
       // and we use an indirect sink for those.
-      // However, some sinks (for example `puts`) receive receive a single
-      // character as an argument. For those we have to use a direct sink.
+      // However, some sinks (for example `puts`) receive a single character
+      // as an argument. For those we have to use a direct sink.
       if
         child.getUnspecifiedType() instanceof PointerType or
         child.getUnspecifiedType() instanceof ArrayType