diff --git a/CHANGELOG.md b/CHANGELOG.md
index fefe311..91fd812 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,6 @@
+## v4.1.12
+* Added escaping for db query in method for getting zone
+
 ## v4.1.11
 * Fixed the transfer of the weight offers
 
diff --git a/VERSION b/VERSION
index 152e452..b05079e 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-4.1.11
+4.1.12
diff --git a/src/upload/system/library/retailcrm/lib/repository/DataRepository.php b/src/upload/system/library/retailcrm/lib/repository/DataRepository.php
index 74abcb7..62393b7 100644
--- a/src/upload/system/library/retailcrm/lib/repository/DataRepository.php
+++ b/src/upload/system/library/retailcrm/lib/repository/DataRepository.php
@@ -124,6 +124,7 @@ class DataRepository extends \retailcrm\Base {
      * @return array
      */
     public function getZoneByName($name) {
+        $name = $this->db->escape($name);
         $query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "zone` WHERE name = '" . $name . "'");
 
         return $query->row;
diff --git a/tests/system/lib/repository/DataRepositoryAdminTest.php b/tests/system/lib/repository/DataRepositoryAdminTest.php
index 071e760..94ed8c1 100644
--- a/tests/system/lib/repository/DataRepositoryAdminTest.php
+++ b/tests/system/lib/repository/DataRepositoryAdminTest.php
@@ -19,6 +19,8 @@ class DataRepositoryAdminTest extends TestCase {
         $this->assertNotEmpty($zone);
         $this->assertNotEmpty($zone['zone_id']);
+
+        $repository->getZoneByName('Rostov-na-Do\'nu');
     }
 
     public function testGetCurrencyByCode() {
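Review bot: The added `$this->db->escape($name)` closes the quote break-out on the concatenated `WHERE name = '...'` line that follows, but the query is still assembled from strings, so the fix holds only as long as `escape()` runs on a connection whose charset is already set, and any sibling lookup in this class that interpolates a caller-supplied value the same way (`getCurrencyByCode`, judging by the neighbouring test name) presumably needs the same treatment — confirm against the rest of the file. Escaping at the point of use, `"... WHERE name = '" . $this->db->escape($name) . "'"`, avoids overwriting the parameter and makes the escaping visible where the SQL is built; the docblock should also state the contract, `@param string $name Raw zone name; escaped inside this method, do not pre-escape`. The accompanying test only checks that a name containing a quote does not throw; asserting on the returned row (empty or the expected zone) would pin the behaviour. The closing brace of getZoneByName lies outside the hunk.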