I believe that's a false positive as we don't use the standard "{{" and "}}" as our angular template markers, we use "{$" and "$}", hence the code I implemented escapes those and not the standard markers.
I have confirmed that with the code I propose above in place, the exploit is neutralised in the login page.
I believe that's a false positive as we don't use the standard "{{" and "}}" as our angular template markers, we use "{$" and "$}", hence the code I implemented escapes those and not the standard markers.
I have confirmed that with the code I propose above in place, the exploit is neutralised in the login page.