diff --git a/lib/private/AppFramework/Middleware/Security/RateLimitingMiddleware.php b/lib/private/AppFramework/Middleware/Security/RateLimitingMiddleware.php
index 712becb3be53cd8aae8a93fdd8ee09bd9d1b907e..f5960880546c33878e6cdd5a6fb0ffd8cdba677d 100644
--- a/lib/private/AppFramework/Middleware/Security/RateLimitingMiddleware.php
+++ b/lib/private/AppFramework/Middleware/Security/RateLimitingMiddleware.php
@@ -27,7 +27,7 @@ namespace OC\AppFramework\Middleware\Security;
 use OC\AppFramework\Utility\ControllerMethodReflector;
 use OC\Security\RateLimiting\Exception\RateLimitExceededException;
 use OC\Security\RateLimiting\Limiter;
-use OCP\AppFramework\Http\JSONResponse;
+use OCP\AppFramework\Http\DataResponse;
 use OCP\AppFramework\Http\TemplateResponse;
 use OCP\AppFramework\Middleware;
 use OCP\IRequest;
@@ -110,21 +110,14 @@ class RateLimitingMiddleware extends Middleware {
 	public function afterException($controller, $methodName, \Exception $exception) {
 		if ($exception instanceof RateLimitExceededException) {
 			if (stripos($this->request->getHeader('Accept'),'html') === false) {
-				$response = new JSONResponse(
-					[
-						'message' => $exception->getMessage(),
-					],
-					$exception->getCode()
-				);
+				$response = new DataResponse([], $exception->getCode());
 			} else {
 				$response = new TemplateResponse(
-						'core',
-						'403',
-							[
-								'file' => $exception->getMessage()
-							],
-						'guest'
-					);
+					'core',
+					'429',
+					[],
+					TemplateResponse::RENDER_AS_GUEST
+				);
 				$response->setStatus($exception->getCode());
 			}
 
diff --git a/lib/private/Template/Base.php b/lib/private/Template/Base.php
index c95958ceea11a04db1de32a3c9eacfcd064e49a3..65d0ad469ff3d96e2467ec4c5791e4ddf0ff547d 100644
--- a/lib/private/Template/Base.php
+++ b/lib/private/Template/Base.php
@@ -168,7 +168,9 @@ class Base {
 		if (!is_null($additionalParams)) {
 			$_ = array_merge($additionalParams, $this->vars);
 			foreach ($_ as $var => $value) {
-				${$var} = $value;
+				if (!isset(${$var})) {
+					${$var} = $value;
+				}
 			}
 		}
 
diff --git a/tests/lib/AppFramework/Middleware/Security/RateLimitingMiddlewareTest.php b/tests/lib/AppFramework/Middleware/Security/RateLimitingMiddlewareTest.php
index 0d27a9a070f365066fc720d31ca4a551f254f19b..aa713b99156feb782cfa84a9cf938f0d8052b0ee 100644
--- a/tests/lib/AppFramework/Middleware/Security/RateLimitingMiddlewareTest.php
+++ b/tests/lib/AppFramework/Middleware/Security/RateLimitingMiddlewareTest.php
@@ -26,13 +26,16 @@ use OC\AppFramework\Utility\ControllerMethodReflector;
 use OC\Security\RateLimiting\Exception\RateLimitExceededException;
 use OC\Security\RateLimiting\Limiter;
 use OCP\AppFramework\Controller;
-use OCP\AppFramework\Http\JSONResponse;
+use OCP\AppFramework\Http\DataResponse;
 use OCP\AppFramework\Http\TemplateResponse;
 use OCP\IRequest;
 use OCP\IUser;
 use OCP\IUserSession;
 use Test\TestCase;
 
+/**
+ * @group DB
+ */
 class RateLimitingMiddlewareTest extends TestCase {
 	/** @var IRequest|\PHPUnit\Framework\MockObject\MockObject */
 	private $request;
@@ -250,11 +253,7 @@ class RateLimitingMiddlewareTest extends TestCase {
 			->willReturn('JSON');
 
 		$result = $this->rateLimitingMiddleware->afterException($controller, 'testMethod', new RateLimitExceededException());
-		$expected = new JSONResponse(
-			[
-				'message' => 'Rate limit exceeded',
-			],
-			429
+		$expected = new DataResponse([], 429
 		);
 		$this->assertEquals($expected, $result);
 	}
@@ -271,13 +270,12 @@ class RateLimitingMiddlewareTest extends TestCase {
 		$result = $this->rateLimitingMiddleware->afterException($controller, 'testMethod', new RateLimitExceededException());
 		$expected = new TemplateResponse(
 			'core',
-			'403',
-			[
-				'file' => 'Rate limit exceeded',
-			],
-			'guest'
+			'429',
+			[],
+			TemplateResponse::RENDER_AS_GUEST
 		);
 		$expected->setStatus(429);
 		$this->assertEquals($expected, $result);
+		$this->assertIsString($result->render());
 	}
 }