diff --git a/cves/2018/CVE-2018-2628.yaml b/cves/2018/CVE-2018-2628.yaml
index 86406c71d4..613a0793b1 100644
--- a/cves/2018/CVE-2018-2628.yaml
+++ b/cves/2018/CVE-2018-2628.yaml
@@ -4,6 +4,8 @@ info:
   name: Oracle WebLogic Server Deserialization RCE
   author: milo2012
   severity: high
+  reference: https://www.nc-lp.com/blog/weaponize-oracle-weblogic-server-poc-cve-2018-2628
+  tags: cve,cve2018,oracle,weblogic
 
 network:
   - inputs: