diff --git a/doc/exercises/01-static-analysis-with-breakman.md b/doc/exercises/01-static-analysis-with-breakman.md index 500c4c8..7f3608a 100644 --- a/doc/exercises/01-static-analysis-with-breakman.md +++ b/doc/exercises/01-static-analysis-with-breakman.md @@ -32,10 +32,10 @@ Brakeman will report two possible cross-site scripting vulnerabilities *in DVGM itself*. We will look more closely at the one that possibly affects logged-in lecturers. -1. In which file and line is the possible XSS vulnerability located? -2. What action in what part of the app triggers the flagged line? -3. Is the vulnerability exploitable? If yes, write an exploit and test it. -4. If it is exploitable, how would a possible fix look like? Try the fix by +5. In which file and line is the possible XSS vulnerability located? +6. What action in what part of the app triggers the flagged line? +7. Is the vulnerability exploitable? If yes, write an exploit and test it. +8. If it is exploitable, how would a possible fix look like? Try the fix by changing the source code of DVGM (the changes are automatically picked up). See if your exploit still works. Do not forget to revert all changes afterwards, as we will also use other tools. @@ -45,5 +45,5 @@ lecturers. Brakeman will also report (at least) two possible Cross-Site Scripting vulnerabilities in dependencies. -1. Which dependencies are affected? -2. Is DVGM likely to be affected by the reported CVEs? + 9. Which dependencies are affected? +10. Is DVGM likely to be affected by the reported CVEs?
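Review bot: the first hunk renumbers the questions 1-4 to 5-8 so they continue a list from earlier in the section, but items 1-4 are not in the visible context, so please confirm they exist above the `@@ -32` hunk; otherwise the rendered list starts at 5 with nothing before it. While touching these lines, item 8 would read better as "what would a possible fix look like?" instead of "how would a possible fix look like?".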
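Review bot: in the second hunk the line ` 9. Which dependencies are affected?` gets a leading space to right-align with `10.`, which is inconsistent with items 5-8 in the first hunk and relies on renderers tolerating indented list markers; suggest dropping the space (`9. Which dependencies are affected?`) so all items share one style.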