diff --git a/java/ql/src/experimental/Security/CWE/CWE-347/Auth0NoVerifier.qhelp b/java/ql/src/experimental/Security/CWE/CWE-347/Auth0NoVerifier.qhelp
index 9b87a4e5810..b2258c457fe 100644
--- a/java/ql/src/experimental/Security/CWE/CWE-347/Auth0NoVerifier.qhelp
+++ b/java/ql/src/experimental/Security/CWE/CWE-347/Auth0NoVerifier.qhelp
@@ -24,7 +24,7 @@
      </example>
      <references>
           <li>
-               <a href="CVE-2021-37580">The incorrect use of JWT in ShenyuAdminBootstrap allows an attacker to bypass authentication.</a>
+               <a href="https://nvd.nist.gov/vuln/detail/CVE-2021-37580">The incorrect use of JWT in ShenyuAdminBootstrap allows an attacker to bypass authentication.</a>
           </li>
      </references>