diff --git a/CHANGELOG b/CHANGELOG
index 637f1e84f..ed33cc051 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -29,7 +29,7 @@ RELEASE 1.2.4
 - Fix update of group name in the contacts list header on group rename (#5648)
 - Add rewrite rule to disable access to /vendor/bin folder in .htaccess (#5630)
 - Fix bug where it was too easy accidentally move a folder when using the subscription checkbox (#5655)
-- Fix XSS issue in handling of a style tag inside of an svg element
+- Fix XSS issue in handling of a style tag inside of an svg element (CVE-2017-6820)
 
 RELEASE 1.2.3
 -------------