diff --git a/csharp/ql/src/Security Features/CWE-730/RegexInjection.ql b/csharp/ql/src/Security Features/CWE-730/RegexInjection.ql
index 0ce1459091e..396c0859d33 100644
--- a/csharp/ql/src/Security Features/CWE-730/RegexInjection.ql
+++ b/csharp/ql/src/Security Features/CWE-730/RegexInjection.ql
@@ -23,5 +23,5 @@ where
 c.hasFlowPath(source, sink) and
 // No global timeout set
 not exists(RegexGlobalTimeout r)
-select sink.getNode(), source, sink, "$@ flows to the construction of a regular expression.",
- source.getNode(), "User-provided value"
+select sink.getNode(), source, sink, "This regular expression is constructed from a $@.",
+ source.getNode(), "user-provided value"
diff --git a/java/ql/src/experimental/Security/CWE/CWE-730/RegexInjection.ql b/java/ql/src/experimental/Security/CWE/CWE-730/RegexInjection.ql
index 3b8b5dc759a..f60e5d9070b 100644
--- a/java/ql/src/experimental/Security/CWE/CWE-730/RegexInjection.ql
+++ b/java/ql/src/experimental/Security/CWE/CWE-730/RegexInjection.ql
@@ -85,5 +85,5 @@ class RegexInjectionConfiguration extends TaintTracking::Configuration {
 from DataFlow::PathNode source, DataFlow::PathNode sink, RegexInjectionConfiguration c
 where c.hasFlowPath(source, sink)
-select sink.getNode(), source, sink, "$@ is user controlled.", source.getNode(),
- "This regular expression pattern"
+select sink.getNode(), source, sink, "This regular expression is constructed from a $@.",
+ source.getNode(), "user-provided value"
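Review bot: The reworded `select` message in the C# hunk changes the text of every result row, and no expected-output update is visible in this diff; the same applies to the Java hunk. If either query has a test with a `.expected` file, it presumably still carries the old strings (`"$@ flows to the construction of a regular expression."` and `"$@ is user controlled."`) and would need regenerating alongside this change. Separately, the C# alert is only raised when `not exists(RegexGlobalTimeout r)` holds, but the message gives no hint of that condition; if the query help does not already say so, a sentence there noting that a match timeout bounds the denial-of-service impact would help triage.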