diff --git a/_posts/2020-06-04-MISP.2.4.126.released.md b/_posts/2020-06-04-MISP.2.4.126.released.md index 2d31bdd..d4dc4ee 100644 --- a/_posts/2020-06-04-MISP.2.4.126.released.md +++ b/_posts/2020-06-04-MISP.2.4.126.released.md @@ -10,7 +10,7 @@ A new version of MISP ([2.4.126](https://github.com/MISP/MISP/tree/v2.4.126)) ha # Security fix - fixed XSS -Fixed a persistent XSS that could be triggered by correlating an attribute via the freetext import tool with an attribute that contains a javascript payload in the comment field. By hovering over the correlation, the analyst encoding the information would have the exploit triggered. +[Fixed a persistent XSS](https://cve.circl.lu/cve/CVE-2020-13153) (CVE-2020-13153) that could be triggered by correlating an attribute via the freetext import tool with an attribute that contains a javascript payload in the comment field. By hovering over the correlation, the analyst encoding the information would have the exploit triggered. Thanks to @JakubOnderka for reporting it!
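Review bot: In the added paragraph under "# Security fix - fixed XSS", the link is attached to the phrase "Fixed a persistent XSS" while the identifier "(CVE-2020-13153)" that follows it is plain text. Consider linking the identifier itself and repeating it in the section heading, so the advisory can be found by searching for the CVE id and the link text names its target. The paragraph also does not say which releases are affected, so a reader cannot tell from this text alone whether an instance needs the upgrade; a short statement of the affected version range next to the CVE id would close that gap. Minor style points in the same line: "javascript" should be "JavaScript", and "the analyst encoding the information would have the exploit triggered" reads more clearly as a direct statement that the payload runs in the analyst's browser when they hover over the correlation.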