diff --git a/java/ql/src/Security/CWE/CWE-020/UntrustedDataToExternalAPI.qhelp b/java/ql/src/Security/CWE/CWE-020/UntrustedDataToExternalAPI.qhelp
index 3a89f3a7af0..c606d2c8369 100644
--- a/java/ql/src/Security/CWE/CWE-020/UntrustedDataToExternalAPI.qhelp
+++ b/java/ql/src/Security/CWE/CWE-020/UntrustedDataToExternalAPI.qhelp
@@ -34,7 +34,7 @@ class to exclude known safe external APIs from future analysis.</p>
 <example>
 
 <p>In this first example, a request parameter is read from <code>HttpServletRequest</code> and then ultimately used in a call to the 
-<code>HttpServletResponse.sendError</code> external API:
+<code>HttpServletResponse.sendError</code> external API:</p>
 
 <sample src="ExternalAPISinkExample.java" />