I discovered bug in my universal XML export code from
MDL-20157 (it's affects only 3d party plugins for now). Extra question fields could contain HTML special chars and they are not escaped properly.
Should be easy to fix using <![CDATA[ ]]> tag if such characters existed, adapting solution used by XML format writetext function. I'm going to commit patch in the near time.