[backport] fix issue #3094 - angular code xss in comments

app/partials/common/history/history-activity.jade

@@ -15,7 +15,7 @@ div(class!="activity-single <%- mode %>")
             span(translate="COMMENTS.DELETED_INFO",
                  translate-values!="{ user: '<%- deleteCommentUser %>', date: '<%- deleteCommentDate %>'}")
         <% } %>
-        .comment.wysiwyg
+        .comment.wysiwyg(ng-non-bindable)
             | <%= comment %>
             <% if (!deleteCommentDate && mode !== "activity" && canDeleteComment) { %>
             a(href="", class="icon icon-delete comment-delete", data-activity-id!="<%- activityId %>")