diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0a19985421a14dd63ca6afd99467abf59a04c55d..177678c6f9ec0f532e1ec490b2320c4971f28773 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,13 @@
 # Changelog
 
+## 2.0.4
+This release fixes a security vulnerability caused by the CORS implementation.
+Support for cross-origin requests has been removed. Use ARSnova version 2.2 or
+newer for proper CORS. (Reported by Rainer Rillke at Wikimedia)
+
+Additional changes:
+* Libraries have been upgraded to fix potential bugs
+
 ## 2.0.3
 This release fixes a security vulnerability in the account management API. It is
 highly recommended to upgrade if you are using database authentication.
diff --git a/pom.xml b/pom.xml
index 71bb83c748cf31dd7e1757af70778bb11f9ed0a5..674c8f42515817181ccec2cb38ac22754daf6ad9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -3,7 +3,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>de.thm.arsnova</groupId>
 	<artifactId>arsnova-backend</artifactId>
-	<version>2.0.4-SNAPSHOT</version>
+	<version>2.0.4</version>
 	<packaging>war</packaging>
 
 	<properties>