diff --git a/draft-ietf-oauth-browser-based-apps.html b/draft-ietf-oauth-browser-based-apps.html
index 6d3ca80..4c7192b 100644
--- a/draft-ietf-oauth-browser-based-apps.html
+++ b/draft-ietf-oauth-browser-based-apps.html
@@ -3249,6 +3249,10 @@ <h3 id="name-informative-references">
         <dd>
 <span class="refAuthor">Sakimura, N.</span>, <span class="refAuthor">Bradley, J.</span>, <span class="refAuthor">Jones, M.</span>, <span class="refAuthor">de Medeiros, B.</span>, and <span class="refAuthor">C. Mortimore</span>, <span class="refTitle">"OpenID Connect Core 1.0 incorporating errata set 2"</span>, <time datetime="2023-12" class="refDate">December 2023</time>, <span>&lt;<a href="https://openid.net/specs/openid-connect-core-1_0-errata2.html">https://openid.net/specs/openid-connect-core-1_0-errata2.html</a>&gt;</span>. </dd>
 <dd class="break"></dd>
+<dt id="OWASPCheatSheet">[OWASPCheatSheet]</dt>
+        <dd>
+<span class="refTitle">"OWASP Cheat Sheet"</span>, <span>n.d.</span>, <span>&lt;<a href="https://cheatsheetseries.owasp.org/">https://cheatsheetseries.owasp.org/</a>&gt;</span>. </dd>
+<dd class="break"></dd>
 <dt id="RFC6819">[RFC6819]</dt>
         <dd>
 <span class="refAuthor">Lodderstedt, T., Ed.</span>, <span class="refAuthor">McGloin, M.</span>, and <span class="refAuthor">P. Hunt</span>, <span class="refTitle">"OAuth 2.0 Threat Model and Security Considerations"</span>, <span class="seriesInfo">RFC 6819</span>, <span class="seriesInfo">DOI 10.17487/RFC6819</span>, <time datetime="2013-01" class="refDate">January 2013</time>, <span>&lt;<a href="https://www.rfc-editor.org/info/rfc6819">https://www.rfc-editor.org/info/rfc6819</a>&gt;</span>. </dd>
diff --git a/draft-ietf-oauth-browser-based-apps.txt b/draft-ietf-oauth-browser-based-apps.txt
index 4601958..da8aa01 100644
--- a/draft-ietf-oauth-browser-based-apps.txt
+++ b/draft-ietf-oauth-browser-based-apps.txt
@@ -2531,6 +2531,10 @@ Table of Contents
               errata set 2", December 2023, <https://openid.net/specs/
               openid-connect-core-1_0-errata2.html>.
 
+   [OWASPCheatSheet]
+              "OWASP Cheat Sheet", n.d.,
+              <https://cheatsheetseries.owasp.org/>.
+
    [RFC6819]  Lodderstedt, T., Ed., McGloin, M., and P. Hunt, "OAuth 2.0
               Threat Model and Security Considerations", RFC 6819,
               DOI 10.17487/RFC6819, January 2013,