diff --git a/cheatsheets/DOM_Clobbering_Prevention_Cheat_Sheet.md b/cheatsheets/DOM_Clobbering_Prevention_Cheat_Sheet.md index 5c3f4fcb5f..3dbe025b3b 100644 --- a/cheatsheets/DOM_Clobbering_Prevention_Cheat_Sheet.md +++ b/cheatsheets/DOM_Clobbering_Prevention_Cheat_Sheet.md @@ -124,7 +124,7 @@ containerDOMElement.setHTML(input, {sanitizer: sanitizerInstance}); [Content-Security Policy (CSP)](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy) is a set of rules that tell the browser which resources are allowed to be loaded on a web page. By restricting the sources of JavaScript files (e.g., with the [script-src](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src) directive), CSP can prevent malicious code from being injected into the page. -**Note:** CSP can only mitigate **some varints** of DOM clobbering attacks, such as when attackers attempt to load new scripts by clobbering script sources, but not when already-present code can be abused for code execution, e.g., clobbering the parameters of code evaluation constructs like `eval()`. +**Note:** CSP can only mitigate **some variants** of DOM clobbering attacks, such as when attackers attempt to load new scripts by clobbering script sources, but not when already-present code can be abused for code execution, e.g., clobbering the parameters of code evaluation constructs like `eval()`. ### \#3: Freezing Sensitive DOM Objects
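Review bot: The spelling fix ("varints" to "variants") is correct and the hunk touches nothing else, so this is fine to merge as-is; one wording point on the same sentence, if the author wants to fold it in: the `eval()` example slightly undercuts the point being made, because a `script-src` policy that omits `'unsafe-eval'` disables `eval()` outright, so CSP does mitigate that particular case. Consider qualifying it, e.g. "... like `eval()` when the policy allows `'unsafe-eval'`", or pick an example of already-present code consuming clobbered values that no CSP directive governs, so the note's claim that CSP covers only some variants stays accurate.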