Update java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp

Alvaro Muñoz · shati-patel · web-flow · commit d221930c818a · 2020-10-27T21:10:56.000+01:00
Co-authored-by: Shati Patel &lt;42641846+shati-patel@users.noreply.github.com&gt;
diff --git a/java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp b/java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp
@@ -3,7 +3,7 @@
   "qhelp.dtd">
 <qhelp>
 <overview>
-<p>Bean validation custom constraint error messages support different types of interpolation, 
+<p>Custom error messages for constraint validators support different types of interpolation, 
 including <a href="https://docs.jboss.org/hibernate/validator/5.1/reference/en-US/html/chapter-message-interpolation.html#section-interpolation-with-message-expressions">Java EL expressions</a>.
 Controlling part of the message template being passed to <code>ConstraintValidatorContext.buildConstraintViolationWithTemplate()</code>
 argument will lead to arbitrary Java code execution. Unfortunately, it is common that validated (and therefore, normally 
