diff --git a/java/ql/src/Security/CWE/CWE-094/TemplateInjection.ql b/java/ql/src/Security/CWE/CWE-094/TemplateInjection.ql
index da7a3908bfd..6ddd8cfd2c9 100644
--- a/java/ql/src/Security/CWE/CWE-094/TemplateInjection.ql
+++ b/java/ql/src/Security/CWE/CWE-094/TemplateInjection.ql
@@ -3,6 +3,7 @@
  * @description Untrusted input interpreted as a template can lead to remote code execution.
  * @kind path-problem
  * @problem.severity error
+ * @security-severity 9.3
  * @precision high
  * @id java/server-side-template-injection
  * @tags security