diff --git a/python/ql/lib/semmle/python/frameworks/Stdlib.qll b/python/ql/lib/semmle/python/frameworks/Stdlib.qll
index c7179dbd46c0..950e741d58eb 100644
--- a/python/ql/lib/semmle/python/frameworks/Stdlib.qll
+++ b/python/ql/lib/semmle/python/frameworks/Stdlib.qll
@@ -3463,6 +3463,14 @@ module StdlibPrivate {
           ) and
           preservesValue = false
         )
+        or
+        // flow from input string to attribute on match object
+        exists(int arg | arg = methodName.(RegexExecutionMethod).getStringArgIndex() - offset |
+          input in ["Argument[" + arg + "]", "Argument[string:]"] and
+          methodName = "finditer" and
+          output = "ReturnValue.ListElement.Attribute[string]" and
+          preservesValue = true
+        )
       )
     }
   }
diff --git a/python/ql/test/library-tests/frameworks/stdlib/test_re.py b/python/ql/test/library-tests/frameworks/stdlib/test_re.py
index b95d65619e27..c2c3c75a979a 100644
--- a/python/ql/test/library-tests/frameworks/stdlib/test_re.py
+++ b/python/ql/test/library-tests/frameworks/stdlib/test_re.py
@@ -39,8 +39,8 @@
     compiled_pat.match(ts).string, # $ tainted
     re.compile(ts).match("safe").re.pattern, # $ tainted
 
-    list(re.finditer(pat, ts))[0].string, # $ MISSING: tainted
-    [m.string for m in re.finditer(pat, ts)], # $ MISSING: tainted
+    list(re.finditer(pat, ts))[0].string, # $ tainted
+    [m.string for m in re.finditer(pat, ts)], # $ tainted
 
     list(re.finditer(pat, ts))[0].groups()[0], # $ MISSING: tainted
     [m.groups()[0] for m in re.finditer(pat, ts)], # $ MISSING: tainted