From de5a2d738bc8e5a68a5fcbc0e283842005d6647c Mon Sep 17 00:00:00 2001
From: Laurent Destailleur
Date: Wed, 17 Jun 2020 18:39:25 +0200
Subject: [PATCH 1/2] FIX #14001

---
 htdocs/product/composition/card.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/product/composition/card.php b/htdocs/product/composition/card.php
index f67910cbef4..1fbbe2ecefa 100644
--- a/htdocs/product/composition/card.php
+++ b/htdocs/product/composition/card.php
@@ -70,7 +70,7 @@ if ($cancel) $action ='';
 if ($action == 'add_prod' && ($user->rights->produit->creer || $user->rights->service->creer))
 {
 $error=0;
- var_dump(GETPOST("max_prod", 'int'));
+
 for ($i=0; $i < GETPOST("max_prod", 'int'); $i++)
 {
 $qty = price2num(GETPOST("prod_qty_".$i, 'alpha'), 'MS');

From 22ca5e067189bffe8066df26df923a386f044c08 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur
Date: Fri, 19 Jun 2020 00:39:27 +0200
Subject: [PATCH 2/2] Fix XSS reported by C. Weiler in notice.php

---
 htdocs/public/notice.php | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/htdocs/public/notice.php b/htdocs/public/notice.php
index 43344c376aa..9663bff3cf0 100644
--- a/htdocs/public/notice.php
+++ b/htdocs/public/notice.php
@@ -41,9 +41,8 @@ if (! GETPOST('transkey', 'alphanohtml') && ! GETPOST('transphrase', 'alphanohtm
 }
 else
 {
- $langs->load("error");
- $langs->load("other");
+ $langs->loadLangs(array("error", "other"));
 
- if (GETPOST('transphrase', 'alphanohtml')) print GETPOST('transphrase', 'alphanohtml');
- if (GETPOST('transkey', 'alphanohtml')) print $langs->trans(GETPOST('transkey', 'alphanohtml'));
+ if (GETPOST('transphrase', 'alphanohtml')) print dol_escape_htmltag(GETPOST('transphrase', 'alphanohtml'));
+ elseif (GETPOST('transkey', 'alphanohtml')) print dol_escape_htmltag($langs->trans(GETPOST('transkey', 'alphanohtml')));
 }
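Review bot: In the notice.php hunk, escaping stops markup injection, but `transphrase` is still printed as free text taken from the request, so the page will show any message a link supplies under the application's own origin. If `htdocs/public/` is served without a session, as the path suggests, consider accepting only `transkey` resolved through `$langs->trans()`, or at least bounding the length of `transphrase`. `dol_escape_htmltag()` is appropriate for element content; the markup around the `else` block lies outside the hunk, so confirm that neither `print` lands inside a script block or an unquoted attribute. The change from a second `if` to `elseif` means `transkey` is now ignored whenever `transphrase` is present, which deserves a comment such as `// transphrase takes precedence; both values are request-supplied and must be escaped before output`.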