diff --git a/lib/brakeman/checks/check_cross_site_scripting.rb b/lib/brakeman/checks/check_cross_site_scripting.rb
index 311c348410570ac1033a2ef960aaa9cec7ccb971..1219b25252179d9ec040679b34f06c67bd0cc0f4 100644
--- a/lib/brakeman/checks/check_cross_site_scripting.rb
+++ b/lib/brakeman/checks/check_cross_site_scripting.rb
@@ -173,11 +173,14 @@ class Brakeman::CheckCrossSiteScripting < Brakeman::BaseCheck
 add_result exp
 link_path = "cross_site_scripting"
+ warning_code = :cross_site_scripting
+
 if @known_dangerous.include? exp.method
 confidence = CONFIDENCE[:high]
 if exp.method == :to_json
 message += " in JSON hash"
 link_path += "_to_json"
+ warning_code = :xss_to_json
 end
 else
 confidence = CONFIDENCE[:low]
@@ -185,7 +188,7 @@ class Brakeman::CheckCrossSiteScripting < Brakeman::BaseCheck
 warn :template => @current_template,
 :warning_type => "Cross Site Scripting",
- :warning_code => :xss_to_json,
+ :warning_code => warning_code,
 :message => message,
 :code => exp,
 :user_input => @matched.match,
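Review bot: The default `:cross_site_scripting` assigned to `warning_code` in the first hunk is not shown to be a registered warning code anywhere in this diff, so please confirm that both it and `:xss_to_json` exist wherever `warn` resolves `:warning_code`. The default is also set several lines away from its single override inside the `to_json` branch, next to the parallel `link_path` and `message` mutations. A short comment on the assignment would make the pairing explicit, e.g. `# default code; replaced below only for the to_json case`. The enclosing method starts and ends outside the hunk.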
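Review bot: Every non-JSON finding emitted by the `warn` call in the second hunk changes its `:warning_code` from `:xss_to_json` to `:cross_site_scripting`. Anything keyed on that code, presumably ignore lists, fingerprints or report comparisons, may therefore treat existing findings as new. That fails in the safe direction, because warnings resurface rather than disappear, but it deserves a changelog entry so users are not surprised. No test is visible in this diff; one asserting the code for a plain output and for a `to_json` output would keep the two from being conflated again. The `warn` call continues past the end of the hunk.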