diff --git a/csharp/ql/src/Security Features/CWE-601/UrlRedirect.qhelp b/csharp/ql/src/Security Features/CWE-601/UrlRedirect.qhelp
index c9a1b692b81..80873b1bc1c 100644
--- a/csharp/ql/src/Security Features/CWE-601/UrlRedirect.qhelp	
+++ b/csharp/ql/src/Security Features/CWE-601/UrlRedirect.qhelp	
@@ -57,7 +57,7 @@ which is harmless but perhaps not intended. You can substitute your own domain (
 
 <li>
 OWASP:
-<a href="https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html">XSS
+<a href="https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html">
 Unvalidated Redirects and Forwards Cheat Sheet</a>.
 </li>
 <li>
diff --git a/java/ql/src/Security/CWE/CWE-601/UrlRedirect.qhelp b/java/ql/src/Security/CWE/CWE-601/UrlRedirect.qhelp
index eddca4f62f6..4325ccf5430 100644
--- a/java/ql/src/Security/CWE/CWE-601/UrlRedirect.qhelp
+++ b/java/ql/src/Security/CWE/CWE-601/UrlRedirect.qhelp
@@ -57,7 +57,7 @@ which is harmless but perhaps not intended. You can substitute your own domain (
 
 <li>
 OWASP:
-<a href="https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html">XSS
+<a href="https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html">
 Unvalidated Redirects and Forwards Cheat Sheet</a>.
 </li>
 <li>