Update java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp

Alvaro Muñoz · shati-patel · web-flow · commit d5b470ea0c5a · 2020-10-27T21:11:27.000+01:00
Co-authored-by: Shati Patel &lt;42641846+shati-patel@users.noreply.github.com&gt;
diff --git a/java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp b/java/ql/src/Security/CWE/CWE-094/InsecureBeanValidation.qhelp
@@ -14,7 +14,7 @@ untrusted) bean properties flow into the custom error message.</p>
 <p>There are different approaches to remediate the issue:</p>
 <ul>
 <li>Do not include validated bean properties in the custom error message.</li>
-<li>Use parameterized messages instead of string concatenation. E.g:
+<li>Use parameterized messages instead of string concatenation. For example:
 <pre>
 HibernateConstraintValidatorContext context = constraintValidatorContext.unwrap( HibernateConstraintValidatorContext.class );
 context.addMessageParameter( "foo", "bar" );
