apply suggestions from max

Co-Authored-By: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>

Author: erik-krogh

javascript/ql/src/Security/CWE-079/ExceptionXss.qhelp

@@ -5,8 +5,8 @@
 
 <overview>
 <p>
-Directly writing exceptions to a webpage with sanitization allows for a cross-site scripting
-vulnerability if the value of the exception can be influenzed by a user.
+Directly writing exceptions to a webpage without sanitization allows for a cross-site scripting
+vulnerability if the value of the exception can be influenced by a user.
 </p>
 </overview>
 
@@ -21,7 +21,7 @@ references.
 <example>
 <p>
 The following example shows an exception being written directly to the document, 
-and this exception can potentially be influenzed the page URL, 
+and this exception can potentially be influenced the page URL, 
 leaving the website vulnerable to cross-site scripting.
 </p>
 <sample src="examples/ExceptionXss.js" />

javascript/ql/src/semmle/javascript/security/dataflow/ExceptionXss.qll

@@ -22,7 +22,7 @@ module ExceptionXss {
     )
   }
 
-  DataFlow::Node getExceptionalSuccssor(DataFlow::Node pred) {
+  DataFlow::Node getExceptionalSuccessor(DataFlow::Node pred) {
     if exists(getEnclosingTryStmt(pred.asExpr().getEnclosingStmt()))
     then
       result.(DataFlow::ParameterNode).getParameter() = getEnclosingTryStmt(pred
@@ -76,7 +76,7 @@ module ExceptionXss {
       succ = getExceptionalSuccssor(pred) and
       (canThrowSensitiveInformation(pred) or pred = any(DataFlow::InvokeNode c).getExceptionalReturn())
       or
-      // All the usual taint-flow steps applies on data-flow before it has been thrown in an exception.
+      // All the usual taint-flow steps apply on data-flow before it has been thrown in an exception.
       this.isAdditionalFlowStep(pred, succ) and inlbl instanceof NotYetThrown and outlbl instanceof NotYetThrown 
       or
       // We taint an object deep if it happens before an exception has been thrown.