CXF is escaping "<" chars into SOAP headers for the webservice workitem. A hack is needed to override this default behavior with an interceptor for configured elements.

New workitem param "CDataElements" (comma-separated list string) will contain the elements that need to be wrapped into CDATA.

Ex: params.put("cdataElements", "ContexteSession,endCity");