diff --git a/rules/javascript/express/jwt_not_revoked.yml b/rules/javascript/express/jwt_not_revoked.yml
index f985ea7bc..4c021d3ab 100644
--- a/rules/javascript/express/jwt_not_revoked.yml
+++ b/rules/javascript/express/jwt_not_revoked.yml
@@ -6,11 +6,11 @@ patterns:
         regex: (?i)\A(expressjwt)\z
       - variable: HASH_CONTENT
         detection: javascript_express_jwt_not_revoked_secret
-        scope: result
+        scope: cursor
       - not:
           variable: HASH_CONTENT
           detection: javascript_express_jwt_not_revoked_is_revoked
-          scope: result
+          scope: cursor
 languages:
   - javascript
 auxiliary: