I saw this in the clouds.
So, with itchy fingers, I clicked it open and found that the fix is not complete.
It turned out that what looked like protection is not. The parameter now has double quotes and parentheses added around it as protection, so it becomes ("xxx"), but it can still be injected.
Proof of vulnerability:
Can't repair the injection? Outrageous. Either escaping or filtering would do.
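
The incomplete fix described above, next to a bound-parameter version, as an added example that is not code from the original report. It assumes the injection is SQL injection into a string-built query; the `items` table, the function names and the probe value are constructed for illustration, and parameter binding is used here in place of the escaping or filtering the report suggests.

```python
import sqlite3

# Constructed probe: a value containing the same quote and parenthesis
# characters that the ("xxx") wrapper is built from.
PROBE = 'x") OR ("1"="1'

def make_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    # Assumption: the engine accepts double-quoted string literals, as the
    # ("xxx") form in the report implies. Enable it explicitly where the
    # Python/SQLite build exposes the switch (Python 3.12+).
    flag = getattr(sqlite3, "SQLITE_DBCONFIG_DQS_DML", None)
    if flag is not None and hasattr(db, "setconfig"):
        db.setconfig(flag, True)
    db.execute("CREATE TABLE items (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO items (name) VALUES (?)",
                   [("alpha",), ("beta",), ("gamma",)])
    return db

def lookup_wrapped(db, name):
    """Incomplete fix: the value is wrapped as ("...") but still concatenated
    into the SQL text, so a double quote in the value ends the wrapper early."""
    sql = 'SELECT name FROM items WHERE name = ("' + name + '") ORDER BY id'
    return [row[0] for row in db.execute(sql)]

def lookup_bound(db, name):
    """Hardened form: the value is passed as a bound parameter and is never
    parsed as SQL, whatever characters it contains."""
    sql = "SELECT name FROM items WHERE name = ? ORDER BY id"
    return [row[0] for row in db.execute(sql, (name,))]

def demo():
    """Run the same inputs through both versions and return the results."""
    db = make_db()
    return {
        "wrapped_normal": lookup_wrapped(db, "alpha"),
        "wrapped_probe": lookup_wrapped(db, PROBE),   # filter is bypassed
        "bound_normal": lookup_bound(db, "alpha"),
        "bound_probe": lookup_bound(db, PROBE),       # treated as plain data
    }

if __name__ == "__main__":
    for label, rows in demo().items():
        print(label, rows)
```

A regression test for the repaired endpoint can reuse the same idea: a value made of the wrapper's own delimiters must return the same rows as any other non-matching string.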