diff --git a/lib/Catalyst/Plugin/NGCP/EscapeURI.pm b/lib/Catalyst/Plugin/NGCP/EscapeURI.pm
new file mode 100644
index 0000000000..4d81aefe6d
--- /dev/null
+++ b/lib/Catalyst/Plugin/NGCP/EscapeURI.pm
@@ -0,0 +1,13 @@
+package Catalyst::Plugin::NGCP::EscapeURI;
+use warnings;
+use strict;
+use MRO::Compat;
+
+use NGCP::Panel::Utils::Generic qw();
+
+sub escape_uri {
+ my $c = shift;
+ return NGCP::Panel::Utils::Generic::escape_uri(@_);
+}
+
+1;
diff --git a/lib/NGCP/Panel.pm b/lib/NGCP/Panel.pm
index e4b9bbc238..c928b3e16a 100644
--- a/lib/NGCP/Panel.pm
+++ b/lib/NGCP/Panel.pm
@@ -28,6 +28,7 @@ use Catalyst qw/
 NGCP::RealmCookie
 NGCP::EscapeSensitiveValue
 NGCP::EscapeJs
+ NGCP::EscapeURI
 I18N
 /;
 use Log::Log4perl::Catalyst qw();
diff --git a/lib/NGCP/Panel/Utils/Generic.pm b/lib/NGCP/Panel/Utils/Generic.pm
index 27d12ef61c..0f1db60bf3 100644
--- a/lib/NGCP/Panel/Utils/Generic.pm
+++ b/lib/NGCP/Panel/Utils/Generic.pm
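Review bot: `use MRO::Compat;` in the new `Catalyst::Plugin::NGCP::EscapeURI` is never used: none of its 13 lines calls `next::method`, `maybe::next::method` or any other method-resolution helper, so the import can be dropped. The plugin also has no comment telling template authors what `c.escape_uri` is for. A single line above the sub would do, for example `# Template helper: percent-encodes one value via NGCP::Panel::Utils::Generic::escape_uri; the context object is discarded.`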
@@ -2,14 +2,15 @@ package NGCP::Panel::Utils::Generic;
 use strict;
 use warnings;
 use Exporter;
+use URI::Escape qw(uri_escape_utf8);
 use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS);
 $VERSION = 1.00;
 @ISA = qw(Exporter);
 @EXPORT = ();
-@EXPORT_OK = qw(is_int is_integer is_decimal merge compare is_false is_true get_inflated_columns_all hash2obj mime_type_to_extension extension_to_mime_type array_to_map escape_js trim);
-%EXPORT_TAGS = ( DEFAULT => [qw(&is_int &is_integer &is_decimal &merge &compare &is_false &is_true &mime_type_to_extension &extension_to_mime_type &array_to_map &escape_js &trim)],
- all => [qw(&is_int &is_integer &is_decimal &merge &compare &is_false &is_true &get_inflated_columns_all &hash2obj &mime_type_to_extension &extension_to_mime_type &array_to_map &escape_js &trim)]);
+@EXPORT_OK = qw(is_int is_integer is_decimal merge compare is_false is_true get_inflated_columns_all hash2obj mime_type_to_extension extension_to_mime_type array_to_map escape_js escape_uri trim);
+%EXPORT_TAGS = ( DEFAULT => [qw(&is_int &is_integer &is_decimal &merge &compare &is_false &is_true &mime_type_to_extension &extension_to_mime_type &array_to_map &escape_js &escape_uri &trim)],
+ all => [qw(&is_int &is_integer &is_decimal &merge &compare &is_false &is_true &get_inflated_columns_all &hash2obj &mime_type_to_extension &extension_to_mime_type &array_to_map &escape_js &escape_uri &trim)]);
 use Hash::Merge;
 use Data::Compare qw//;
@@ -219,6 +220,11 @@ sub escape_js {
 return $str;
 }
+sub escape_uri {
+ my $str = shift // '';
+ return uri_escape_utf8($str);
+}
+
 sub trim {
 my $value = shift;
 $value =~ s/^\s+|\s+$//g;
diff --git a/share/layout/body.tt b/share/layout/body.tt
index 071f02dcef..0380b03d9e 100644
--- a/share/layout/body.tt
+++ b/share/layout/body.tt
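Review bot: The new `escape_uri` in the `@@ -219,6 +220,11 @@` hunk does not say that it encodes a single URI component rather than a whole URI. Called without a second argument, `uri_escape_utf8` percent-encodes everything outside the unreserved set, including `:`, `/`, `?`, `&` and `=`. That suits a value embedded in a query parameter such as `back`, but a caller who passes a full URL and expects it to remain a working link gets a broken one. I would add above the sub: `# Percent-encode $str (UTF-8) for use as ONE URI component, e.g. a query value; undef becomes ''. Not for full URLs that must stay navigable.`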
@@ -137,7 +137,7 @@ [% IF c.config.general.ui_enable -%] [% IF c.user.roles == 'admin' || c.user.roles == 'reseller' || c.user.roles == 'ccareadmin' || c.user.roles == 'ccare' || c.user.roles == 'lintercept' -%] [% END -%] [% END -%]
@@ -220,7 +220,7 @@ var mainWrapperInit = function () {
 });
 [%
- backuri = c.req.uri;
+ backuri = c.escape_uri(c.req.uri);
 tmp = backuri.query_param_delete('back');
 -%]
 $('a').each(function() {
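Review bot: In the `@@ -220,7 +220,7 @@` hunk, `backuri` is now the plain string returned by `c.escape_uri(...)`, but the following context line still calls `backuri.query_param_delete('back')`, a method that only the URI object from `c.req.uri` provided. On a string that call presumably does nothing (or raises an error if the template engine runs in strict mode), so an existing `back` parameter would no longer be stripped. It would instead be carried, percent-encoded, inside the new value and grow with each navigation. Strip first and encode last: `backuri = c.req.uri; tmp = backuri.query_param_delete('back'); backuri = c.escape_uri(backuri);`. The script block that consumes `backuri` continues outside the hunk, so how the value is emitted there should be checked against this ordering.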