Update java/ql/src/experimental/Security/CWE/CWE-348/UseOfLessTrustedSource.qhelp

Co-authored-by: Chris Smowton <[email protected]>

Author: haby0

java/ql/src/experimental/Security/CWE/CWE-348/UseOfLessTrustedSource.qhelp

@@ -4,8 +4,8 @@
 <qhelp>
 <overview>
 <p>An original client IP address is retrieved from an http header (<code>X-Forwarded-For</code> or <code>X-Real-IP</code> or <code>Proxy-Client-IP</code> 
-etc.), which is used to ensure security or track it in the log for statistical or other reasons. Attackers can forge the value of these identifiers to attack the 
-software.</p>
+etc.), which is used to ensure security or track it in the log for statistical or other reasons. Attackers can forge the value of these identifiers to
+bypass a ban-list, for example.</p>
 
 </overview>
 <recommendation>