Now the new password form parser (form_parser.h) takes a field value for saving. As a result if JavaScript mangled field values before form submission, incorrect values are proposed for saving.

It's pretty easy to fix, FormData has |typed_value|, and it should be taken when appropriate, the same way as in the old parser 
https://cs.chromium.org/chromium/src/components/autofill/content/renderer/password_form_conversion_utils.cc?dr=CSs&g=0&l=749