diff --git a/python/ql/src/Security/CWE-943/NoSQLInjection.ql b/python/ql/src/Security/CWE-943/NoSQLInjection.ql
index fd588f009f0..0b9ac2139e7 100644
--- a/python/ql/src/Security/CWE-943/NoSQLInjection.ql
+++ b/python/ql/src/Security/CWE-943/NoSQLInjection.ql
@@ -4,17 +4,17 @@
 * malicious NoSQL code by the user.
 * @kind path-problem
 * @problem.severity error
+ * @security-severity 8.8
 * @id py/nosql-injection
 * @tags security
- * experimental
 * external/cwe/cwe-943
 */

 import python
 import semmle.python.security.dataflow.NoSQLInjectionQuery
-import Flow::PathGraph
+import NoSqlInjectionFlow::PathGraph

-from Flow::PathNode source, Flow::PathNode sink
-where Flow::flowPath(source, sink)
+from NoSqlInjectionFlow::PathNode source, NoSqlInjectionFlow::PathNode sink
+where NoSqlInjectionFlow::flowPath(source, sink)
 select sink.getNode(), source, sink, "This NoSQL query contains an unsanitized $@.", source,
 "user-provided value"
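Review bot: No `@precision` property is visible in the query metadata between `@kind` and `@tags`, even though this change drops the `experimental` tag and adds `@security-severity 8.8`. The standard code-scanning suite selectors filter on precision as well as severity, so a promoted query without it would probably not be picked up by the default or security-extended suites. If it is meant to ship there, add a line such as ` * @precision high` next to `@problem.severity`, with the level chosen from the false-positive rate observed on real projects. The first three lines of the metadata comment are outside the hunk, so confirm the property is not already declared there.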