diff --git a/java/ql/test/query-tests/security/CWE-079/semmle/tests/XSS.ql b/java/ql/test/query-tests/security/CWE-079/semmle/tests/XSS.ql
index 86b98d408011..454f42112ea9 100644
--- a/java/ql/test/query-tests/security/CWE-079/semmle/tests/XSS.ql
+++ b/java/ql/test/query-tests/security/CWE-079/semmle/tests/XSS.ql
@@ -1,23 +1,7 @@
 import java
-import semmle.code.java.dataflow.TaintTracking
-import semmle.code.java.dataflow.FlowSources
-import semmle.code.java.security.XSS
+import semmle.code.java.security.XssQuery
 import TestUtilities.InlineExpectationsTest
 
-module XssConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
-
-  predicate isSink(DataFlow::Node sink) { sink instanceof XssSink }
-
-  predicate isBarrier(DataFlow::Node node) { node instanceof XssSanitizer }
-
-  predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
-    any(XssAdditionalTaintStep s).step(node1, node2)
-  }
-}
-
-module XssFlow = TaintTracking::Global<XssConfig>;
-
 class XssTest extends InlineExpectationsTest {
   XssTest() { this = "XssTest" }
 
diff --git a/java/ql/test/query-tests/security/CWE-089/semmle/examples/springjdbc.ql b/java/ql/test/query-tests/security/CWE-089/semmle/examples/springjdbc.ql
index 78d0ba3c3d9b..bee1fa84ebce 100644
--- a/java/ql/test/query-tests/security/CWE-089/semmle/examples/springjdbc.ql
+++ b/java/ql/test/query-tests/security/CWE-089/semmle/examples/springjdbc.ql
@@ -1,28 +1,14 @@
 import java
-import semmle.code.java.dataflow.TaintTracking
-import semmle.code.java.security.QueryInjection
+import semmle.code.java.dataflow.FlowSources
+import semmle.code.java.security.SqlInjectionQuery
 import TestUtilities.InlineExpectationsTest
 
-private module QueryInjectionFlowConfig implements DataFlow::ConfigSig {
-  predicate isSource(DataFlow::Node src) {
-    src.asExpr() = any(MethodAccess ma | ma.getMethod().hasName("source"))
-  }
-
-  predicate isSink(DataFlow::Node sink) { sink instanceof QueryInjectionSink }
-
-  predicate isBarrier(DataFlow::Node node) {
-    node.getType() instanceof PrimitiveType or
-    node.getType() instanceof BoxedType or
-    node.getType() instanceof NumberType
-  }
+private class SourceMethodSource extends RemoteFlowSource {
+  SourceMethodSource() { this.asExpr().(MethodAccess).getMethod().hasName("source") }
 
-  predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
-    any(AdditionalQueryInjectionTaintStep s).step(node1, node2)
-  }
+  override string getSourceType() { result = "source" }
 }
 
-private module QueryInjectionFlow = TaintTracking::Global<QueryInjectionFlowConfig>;
-
 class HasFlowTest extends InlineExpectationsTest {
   HasFlowTest() { this = "HasFlowTest" }