Ok the root cause of this problem, and it only can happen in the head replacement code is following.
a) Browsers do not allow a direct head replacement.
b) Instead the head is more or less generated and then parsed by an xml construct (and if not a direct head replacement is tried). The xml construct parses the code as xml and during this parsing step a deserialize xml is called to get the script text data. This works but it encodes & into amp, now, we do not need that for script tags in most cases, a simple xml.text should suffice which does not encode the &. So I will add the xml.text as fallback if present, this should resolve the issue.
The normal update cases are not touched by this issue, hence it has not crawled up so far.