We have a custom property renderer:

    public class CustomRenderer : EPiServer.Web.Mvc.Html.PropertyRenderer
    {
        public override HtmlString PropertyFor<TModel, TValue>(
            IHtmlHelper<TModel> html,
            string viewModelPropertyName,
            object additionalViewData,
            object editorSettings,
            Expression<Func<TModel, TValue>> expression,
            Func<string, IHtmlContent> displayForAction)
        {
            var html = base.PropertyFor(html, viewModelPropertyName, additionalViewData, editorSettings, expression, displayForAction);
            ...
        }
    }

When this is called via a .cshtml view:

@Html.PropertyFor(m => m.CurrentBlock.Heading, new { CustomTag = "h1", CustomCssClass = @Model.SelectedHeadingSize })

additionalViewData will contain the anonymous object:

{ CustomTag = "h1", CustomCssClass = "if heading larger" }

In On-Page Editing mode this is causing an issue. If you peek at the Value property of the IHtmlContent returned by PropertyFor, the (C# escaped) string looks like this:

<h1 class=\"epi-editContainer\" data-epi-property-rendersettings=\"{\"CustomTag\":\"h1\",\"CustomCssClass\":\"if heading larger\"}\">Simple Hero block</h1>

Which results in the following HTML: 

<h1 class="epi-editContainer" data-epi-use-mvc="True" data-epi-property-rendersettings="{" customtag":"h1","customcssclass":"if="" heading="" larger"}"="">Simple Hero block</h1>

The data-epi-property-rendersettings attribute is clearly supposed to contain a JSON value, but because both the attribute and the JSON use double quotation mark characters, the result is just crap.

Any idea what's going on here? I found this issue after upgrading to CMS 12, but we seem to have it in our production environment also, where CMS 11 is used.