It's been over 2 years since this issue was reported. Is the Java SDK
still being maintained by AuthorizeNet? Any issues with forking it to
GitHub so it can be maintained by the community?
This is a bug in the AuthorizeNet SDK library (at least in 1.4.6). The
library is not properly escaping XML attribute values or element text
values when serializing XML documents to Strings.
Just ran into this issue as well. This is caused by a bug in the
AuthorizeNet Java library (for XML API). The class that serializes the
XML transaction into a String (net.authorize.util.XmlTreeUtil) is not
escaping element attributes or text element ...