diff --git a/java/ql/lib/semmle/code/java/security/XxeLocalQuery.qll b/java/ql/lib/semmle/code/java/security/XxeLocalQuery.qll
index 3737afb7797..086ff3aa41b 100644
--- a/java/ql/lib/semmle/code/java/security/XxeLocalQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/XxeLocalQuery.qll
@@ -6,6 +6,8 @@ private import semmle.code.java.dataflow.TaintTracking
 private import semmle.code.java.security.XxeQuery
 
 /**
+ * DEPRECATED: Use `XxeLocalFlow` instead.
+ *
  * A taint-tracking configuration for unvalidated local user input that is used in XML external entity expansion.
  */
 deprecated class XxeLocalConfig extends TaintTracking::Configuration {
diff --git a/java/ql/lib/semmle/code/java/security/XxeRemoteQuery.qll b/java/ql/lib/semmle/code/java/security/XxeRemoteQuery.qll
index e8a40d5426b..404534d90b8 100644
--- a/java/ql/lib/semmle/code/java/security/XxeRemoteQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/XxeRemoteQuery.qll
@@ -6,6 +6,8 @@ private import semmle.code.java.dataflow.TaintTracking
 private import semmle.code.java.security.XxeQuery
 
 /**
+ * DEPRECATED: Use `XxeFlow` instead.
+ *
  * A taint-tracking configuration for unvalidated remote user input that is used in XML external entity expansion.
  */
 deprecated class XxeConfig extends TaintTracking::Configuration {