Python: Minor fixup of qhelp for XPath injection

Author: RasmusWL

python/ql/src/experimental/CWE-643/xpath.qhelp

@@ -21,10 +21,10 @@
     <example>
         <p>In the example below, the xpath query is controlled by the user and hence leads to a vulnerability.</p>
         <sample src="xpathBad.py" />
-    </example>
         <p> This can be fixed by using a parameterized query as shown below.</p>
         <sample src="xpathGood.py" />
+    </example>
     <references>
         <li>OWASP XPath injection : <a href="https://owasp.org/www-community/attacks/XPATH_Injection"></a>/>> </li>
     </references>
-</qhelp>
+</qhelp>