diff --git a/2020/13xxx/CVE-2020-13923.json b/2020/13xxx/CVE-2020-13923.json
index 59118c6e12a..95eb4943959 100644
--- a/2020/13xxx/CVE-2020-13923.json
+++ b/2020/13xxx/CVE-2020-13923.json
@@ -53,6 +53,11 @@
                 "refsource": "MLIST",
                 "name": "[announce] 20200715 [CVE-2020-13923] IDOR in Apache OFBiz",
                 "url": "https://lists.apache.org/thread.html/r2e669797c1ea08562253239d2dc4192d951945e0c36cb0754f5394a6@%3Cannounce.apache.org%3E"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[ofbiz-notifications] 20200716 [jira] [Updated] (OFBIZ-11836) IDOR vulnerability in the order processing feature in ecommerce component (CVE-2020-13923)",
+                "url": "https://lists.apache.org/thread.html/rac7e36c3daa60dd4b813f72942921b4fad71da821480ebcea96ecea1@%3Cnotifications.ofbiz.apache.org%3E"
             }
         ]
     },
diff --git a/2020/9xxx/CVE-2020-9496.json b/2020/9xxx/CVE-2020-9496.json
index 602b87b4d41..33f624974f3 100644
--- a/2020/9xxx/CVE-2020-9496.json
+++ b/2020/9xxx/CVE-2020-9496.json
@@ -53,6 +53,11 @@
                 "refsource": "MLIST",
                 "name": "[announce] 20200715 [CVE-2020-9496] Apache OFBiz XML-RPC requests vulnerable without authentication",
                 "url": "https://lists.apache.org/thread.html/raf6020f765f12711e817ce13df63ecd7d677eebea8001e0473ee7c84@%3Cannounce.apache.org%3E"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[ofbiz-notifications] 20200716 [jira] [Updated] (OFBIZ-11716) Apache OFBiz unsafe deserialization of XMLRPC arguments (CVE-2020-9496)",
+                "url": "https://lists.apache.org/thread.html/rde93e1c91620335b72b798f78ab4459d3f7b06f96031d8ce86a18825@%3Cnotifications.ofbiz.apache.org%3E"
             }
         ]
     },