diff --git a/java/ql/src/Security/CWE/CWE-522/InsecureBasicAuth.qhelp b/java/ql/src/Security/CWE/CWE-522/InsecureBasicAuth.qhelp
index fedce26842b..ebbb8eca7ba 100644
--- a/java/ql/src/Security/CWE/CWE-522/InsecureBasicAuth.qhelp
+++ b/java/ql/src/Security/CWE/CWE-522/InsecureBasicAuth.qhelp
@@ -17,11 +17,11 @@
   <references>
     <li>
       SonarSource rule:
-      <a href="https://rules.sonarsource.com/java/tag/owasp/RSPEC-2647">Basic authentication should not be used</a>
+      <a href="https://rules.sonarsource.com/java/tag/owasp/RSPEC-2647">Basic authentication should not be used</a>.
     </li>
     <li>
       Acunetix:
-      <a href="https://www.acunetix.com/vulnerabilities/web/basic-authentication-over-http/">WEB VULNERABILITIES INDEX - Basic authentication over HTTP</a>
+      <a href="https://www.acunetix.com/vulnerabilities/web/basic-authentication-over-http/">WEB VULNERABILITIES INDEX - Basic authentication over HTTP</a>.
     </li>
   </references>
 </qhelp>