diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9fbd37fc..30325bbf 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,7 +7,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [Unreleased]
 
 ### Security
-- Fixed Cross site scripting vulnerability in Javascript escaping
+- Fixed Cross site scripting vulnerability in Javascript escaping. This addresses CVE-2023-28447.
 
 ### Fixed
 - `$smarty->muteUndefinedOrNullWarnings()` now also mutes PHP7 notices for undefined array indexes [#736](https://github.com/smarty-php/smarty/issues/736)