diff --git a/java/ql/src/Security/CWE/CWE-023/PartialPathTraversal.qhelp b/java/ql/src/Security/CWE/CWE-023/PartialPathTraversal.qhelp
index 8cf0bc6fd76..18f7648a570 100644
--- a/java/ql/src/Security/CWE/CWE-023/PartialPathTraversal.qhelp
+++ b/java/ql/src/Security/CWE/CWE-023/PartialPathTraversal.qhelp
@@ -53,7 +53,8 @@ indeed slash-terminated, the user supplying dir can only access chi
OWASP:
Partial Path Traversal.
- ESAPI
+CVE-2022-23457:
+ ESAPI Vulnerability Report