IMO the problem is clearly in the remote RSS block. Let me explain:
When the RSS feed is generated it must be XML compliant so all the "&" must be converted to their & entity. And we are doing that perfectly.
Later, if the RSS block fetches one feed, it must be able to decode back those entities AND add them back when generating correct X-HTML to be displayed in the block.
If you take a look to the HTML generated by the block you will see that it's DOUBLE encoding entities, so it shows things like:
And, IMO that's the cause of the problem (so $_GET['eid'] becomes "corrupt" and so on). As said, the feed reader (the block) should be able to handle both correct and incorrect XML feeds (note our one are strictly correct). And then output links properly (only entity-zed one, to fulfill Moodle XHTML req).