diff --git a/hypha/apply/funds/templates/funds/application_base.html b/hypha/apply/funds/templates/funds/application_base.html
index 32b43e12a1c729138a5c19ae1004092111e6fbff..37664fc0035d00f0c1ef778e969d28d92d21ca11 100644
--- a/hypha/apply/funds/templates/funds/application_base.html
+++ b/hypha/apply/funds/templates/funds/application_base.html
@@ -32,7 +32,7 @@
         <h3>{% blocktrans %}Sorry this {{ page|verbose_name }} is not accepting applications at the moment{% endblocktrans %}</h3>
     {% else%}
         {% if page.get_parent.specific.guide_link %}
-            <a href="{{ page.get_parent.specific.guide_link }}" class="link link--fixed-apply" target="_blank">
+            <a href="{{ page.get_parent.specific.guide_link }}" class="link link--fixed-apply" target="_blank" rel="noopener noreferrer">
                 {% trans "Application guide" %}
             </a>
         {% endif %}
diff --git a/hypha/apply/stream_forms/templates/stream_forms/includes/file_field.html b/hypha/apply/stream_forms/templates/stream_forms/includes/file_field.html
index 79079bf273865a73c7c4068ba026420ada3a9a8e..be121353205a7497260b3b77c67442c95d2263d0 100644
--- a/hypha/apply/stream_forms/templates/stream_forms/includes/file_field.html
+++ b/hypha/apply/stream_forms/templates/stream_forms/includes/file_field.html
@@ -1,4 +1,4 @@
-<a class="link link--download" href="{{ file.url }}" target="_blank">
+<a class="link link--download" href="{{ file.url }}" target="_blank" rel="noopener noreferrer">
     <div>
         <svg><use xlink:href="#file"></use></svg>
         <span>{{ file.filename }}</span>
diff --git a/hypha/apply/templates/forms/includes/field.html b/hypha/apply/templates/forms/includes/field.html
index 26fae3c765d91889e2e1ffb5c883a1ac0b6984c0..4fd4a83044e6f45f0bafdee928c39af9ce5c780c 100644
--- a/hypha/apply/templates/forms/includes/field.html
+++ b/hypha/apply/templates/forms/includes/field.html
@@ -25,7 +25,7 @@
     {% endif %}
 
     {% if field.field.help_link %}
-        <p class="form__help-link"><a href="{{ field.field.help_link }}" target="_blank">See help guide for more information.<svg class="form__open-icon"><use xlink:href="#open-in-new-tab"></use></svg></a></p>
+        <p class="form__help-link"><a href="{{ field.field.help_link }}" target="_blank" rel="noopener noreferrer">See help guide for more information.<svg class="form__open-icon"><use xlink:href="#open-in-new-tab"></use></svg></a></p>
     {% endif %}
 
     <div class="form__item">
diff --git a/hypha/static_src/src/javascript/apply/application-form-links-new-window.js b/hypha/static_src/src/javascript/apply/application-form-links-new-window.js
index 4cca0c08c157e60b19806684c89e023bb4330784..ba701d96afde8168294b6ddb7efa53f60bc0fac6 100644
--- a/hypha/static_src/src/javascript/apply/application-form-links-new-window.js
+++ b/hypha/static_src/src/javascript/apply/application-form-links-new-window.js
@@ -3,6 +3,9 @@
     'use strict';
 
     // Make links on application forms open in a new window/tab.
-    $('.application-form').find('a').attr('target', '_blank');
+    $('.application-form').find('a').attr({
+        target: '_blank',
+        rel: 'noopener noreferrer'
+    });
 
 })(jQuery);