diff --git a/build.gradle b/build.gradle
index 71018f9..06606a4 100644
--- a/build.gradle
+++ b/build.gradle
@@ -15,7 +15,7 @@ apply plugin: 'eclipse'
 apply plugin: 'org.springframework.boot'
 final def extensionName = 'burp-rest-api'
-version = '2.2.0'
+version = '2.2.1'
 def updateVersion() {
 def configFile = new File('src/main/resources/application.yml')
diff --git a/src/main/java/com/vmware/burp/extension/domain/Parameter.java b/src/main/java/com/vmware/burp/extension/domain/Parameter.java
index 2961d3d..ea9c526 100644
--- a/src/main/java/com/vmware/burp/extension/domain/Parameter.java
+++ b/src/main/java/com/vmware/burp/extension/domain/Parameter.java
@@ -12,6 +12,9 @@ import javax.xml.bind.annotation.XmlAccessorType;
 import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlRootElement;
+
+import com.vmware.burp.extension.utils.URLDecoderUtil;
+
 import java.io.UnsupportedEncodingException;
 import java.net.URLDecoder;
@@ -33,8 +36,8 @@ private Parameter() {
 }
 public Parameter(IParameter iParameter) throws UnsupportedEncodingException {
- this.name = URLDecoder.decode(iParameter.getName(), "UTF-8");
- this.value = URLDecoder.decode(iParameter.getValue(), "UTF-8");
+ this.name = URLDecoderUtil.safeDecode(iParameter.getName());
+ this.value = URLDecoderUtil.safeDecode(iParameter.getValue());
 this.type = ParameterType.getEnum(iParameter.getType());
 }
diff --git a/src/main/java/com/vmware/burp/extension/utils/URLDecoderUtil.java b/src/main/java/com/vmware/burp/extension/utils/URLDecoderUtil.java
new file mode 100644
index 0000000..67cc01a
--- /dev/null
+++ b/src/main/java/com/vmware/burp/extension/utils/URLDecoderUtil.java
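Review bot: After the constructor switches both assignments to `URLDecoderUtil.safeDecode`, the `java.net.URLDecoder` import that the first hunk of this file still shows as context appears to have no remaining use in Parameter.java, unless it is referenced somewhere outside the diff; drop it, `-import java.net.URLDecoder;`. The constructor keeps `throws UnsupportedEncodingException`, which `safeDecode` still declares, so existing callers are unaffected. A one-line why-comment on the new calls would help the next reader, e.g. `// lenient decode: malformed %-escapes in intercepted traffic must not abort serialization of the whole request`. The rest of the Parameter class lies outside the hunk.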
@@ -0,0 +1,35 @@
+package com.vmware.burp.extension.utils;
+
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
+import java.util.regex.Pattern;
+
+public class URLDecoderUtil {
+
+ // Regex pattern to validate hexadecimal sequences in URLs
+ private static final Pattern HEX_PATTERN = Pattern.compile("%[0-9A-Fa-f]{2}");
+
+ public static String safeDecode(String input) throws UnsupportedEncodingException {
+ // Validate hexadecimal sequences
+
+ StringBuffer decodedInput = new StringBuffer();
+
+ if (input.contains("%") && !HEX_PATTERN.matcher(input).find()) {
+
+ String[] splittedInput = input.split("%");
+ for (String partialInput : splittedInput) {
+ if (!HEX_PATTERN.matcher("%" + partialInput).find()){
+ decodedInput.append("%" + partialInput);
+ }else{
+ decodedInput.append(URLDecoder.decode("%" + partialInput, "UTF-8"));
+ }
+ }
+
+ }else{
+ decodedInput.append(URLDecoder.decode(input, "UTF-8"));
+ }
+
+ // Decode the input
+ return decodedInput.toString();
+ }
+}
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index 1df0173..c4b801b 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -9,4 +9,4 @@ server:
 headless:
 mode: ${java.awt.headless}
-build.version: 2.2.0
+build.version: 2.2.1
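Review bot: The guard `input.contains("%") && !HEX_PATTERN.matcher(input).find()` only takes the lenient branch when the string contains no well-formed escape at all, so a value mixing valid and malformed escapes (e.g. `a%41%zz`, common in intercepted traffic) still reaches `URLDecoder.decode(input, "UTF-8")` and throws IllegalArgumentException, which is the failure this class was added to prevent. Inside the lenient branch, `input.split("%")` prepends `%` to the segment before the first `%` (`abc%zz` becomes `%abc%zz`, and `%ab` is then decoded as a stray byte) and discards trailing empty segments, so `abc%` and `%%` are silently altered. Scanning the string once, decoding only runs of well-formed `%XX` (grouped so multi-byte UTF-8 sequences decode as one unit) and copying everything else verbatim fixes both; `+` is still mapped to a space to keep URLDecoder's semantics, and the synchronized `StringBuffer` gives way to `StringBuilder`. A null guard is included because the argument comes from IParameter values in external traffic — confirm whether getName()/getValue() can return null.
```java
    // … unchanged: package, imports, class header, HEX_PATTERN …
    public static String safeDecode(String input) throws UnsupportedEncodingException {
        if (input == null) {
            return null;
        }
        StringBuilder decodedInput = new StringBuilder(input.length());
        int pos = 0;
        while (pos < input.length()) {
            // Extend over consecutive well-formed %XX escapes so a multi-byte UTF-8 sequence is decoded as one unit
            int runEnd = pos;
            while (runEnd + 3 <= input.length()
                    && HEX_PATTERN.matcher(input).region(runEnd, runEnd + 3).matches()) {
                runEnd += 3;
            }
            if (runEnd > pos) {
                decodedInput.append(URLDecoder.decode(input.substring(pos, runEnd), "UTF-8"));
                pos = runEnd;
            } else {
                // A '%' not followed by two hex digits (or any other char) is kept verbatim; '+' keeps URLDecoder's space mapping
                char c = input.charAt(pos);
                decodedInput.append(c == '+' ? ' ' : c);
                pos++;
            }
        }
        return decodedInput.toString();
    }
```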