diff --git a/.changelog/_795.txt b/.changelog/_795.txt
new file mode 100644
index 000000000..5c80d7924
--- /dev/null
+++ b/.changelog/_795.txt
@@ -0,0 +1,3 @@
+```release-note:security
+audit-logging: Parse endpoint URL to prevent requests from bypassing the audit log [CVE-2021-28156](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28156)
+```