diff --git a/Pages/Page.php b/Pages/Page.php
index e797f71d3..cd37ed42d 100644
--- a/Pages/Page.php
+++ b/Pages/Page.php
@@ -170,7 +170,7 @@ public function RedirectToError($errorMessageId = ErrorMessages::UNKNOWN_ERROR,
 public function GetLastPage($defaultPage = '')
 {
- $referer = getenv("HTTP_REFERER");
+ $referer = filter_var(getenv("HTTP_REFERER"), FILTER_SANITIZE_FULL_SPECIAL_CHARS);
 if (empty($referer)) {
 return empty($defaultPage) ? Pages::LOGIN : $defaultPage;
 }
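Review bot: The added `filter_var(..., FILTER_SANITIZE_FULL_SPECIAL_CHARS)` in GetLastPage only HTML-encodes the client-controlled Referer header and does not check where the URL points, so if the returned value is used as a redirect target (the rest of the function and its callers are outside the hunk, so this is inferred from the name) an off-site URL still passes through. Encoding at input also rewrites `&` in query strings to `&amp;`, which would alter the URL if it ends up in a Location header rather than in HTML. Consider keeping the raw value and comparing its host with the application's own before returning it, e.g. `if (empty($referer) || parse_url($referer, PHP_URL_HOST) !== $appHost) { return empty($defaultPage) ? Pages::LOGIN : $defaultPage; }`, where `$appHost` is a placeholder for the configured host, and applying `htmlspecialchars` at the point of HTML output. A comment such as `// Referer is client-controlled: validate the destination here, escape at output` would document the intent.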