diff --git a/rest-api/src/main/java/lcsb/mapviewer/api/projects/ProjectRestImpl.java b/rest-api/src/main/java/lcsb/mapviewer/api/projects/ProjectRestImpl.java
index 962f1f8d1ab7b9a0a81ecb1d4066eb70a7d8784d..7bfcf86676e664f94188e7ddd4c9bedd536dbe86 100644
--- a/rest-api/src/main/java/lcsb/mapviewer/api/projects/ProjectRestImpl.java
+++ b/rest-api/src/main/java/lcsb/mapviewer/api/projects/ProjectRestImpl.java
@@ -386,6 +386,9 @@ public class ProjectRestImpl extends BaseRestImpl {
     params.sbgnFormat(getFirstValue(data.get("sbgn")));
     params.semanticZoomContainsMultipleLayouts(getFirstValue(data.get("semantic-zoom-contains-multiple-layouts")));
     params.version(getFirstValue(data.get("version")));
+    if (params.getVersion() != null && params.getVersion().length() > 20) {
+      throw new QueryException("version is too long (>20 characters)");
+    }
     params.annotations(getFirstValue(data.get("annotate")));
     params.setUser(user);
     MapCanvasType mapCanvasType;
diff --git a/web/src/test/java/lcsb/mapviewer/web/ProjectControllerIntegrationTestWithoutTransaction.java b/web/src/test/java/lcsb/mapviewer/web/ProjectControllerIntegrationTestWithoutTransaction.java
index bfc812723f1e17b5de435eb185d918146139a4df..553c289fe1058188119a42c739b1c4e08a70f9bc 100644
--- a/web/src/test/java/lcsb/mapviewer/web/ProjectControllerIntegrationTestWithoutTransaction.java
+++ b/web/src/test/java/lcsb/mapviewer/web/ProjectControllerIntegrationTestWithoutTransaction.java
@@ -130,6 +130,35 @@ public class ProjectControllerIntegrationTestWithoutTransaction extends Controll
     }
   }
 
+  @Test
+  public void addProjectWithTooLongVersion() throws Exception {
+    User admin = userService.getUserByLogin(BUILT_IN_ADMIN_LOGIN);
+    UploadedFileEntry fileEntry = createFileInSeparateThread(
+        new String(Files.readAllBytes(Paths.get("./src/test/resources/generic.xml")), "UTF-8"),
+        admin);
+    try {
+      String invalidVersion = "12345678901234567890123456";
+
+      String body = EntityUtils.toString(new UrlEncodedFormEntity(Arrays.asList(
+          new BasicNameValuePair("file-id", String.valueOf(fileEntry.getId())),
+          new BasicNameValuePair("mapCanvasType", "OPEN_LAYERS"),
+          new BasicNameValuePair("version", invalidVersion),
+          new BasicNameValuePair("parser",
+              "lcsb.mapviewer.converter.model.celldesigner.CellDesignerXmlParser"))));
+
+      RequestBuilder request = post("/projects/" + TEST_PROJECT)
+          .contentType(MediaType.APPLICATION_FORM_URLENCODED)
+          .content(body)
+          .session(createSession(BUILT_IN_ADMIN_LOGIN, BUILT_IN_ADMIN_PASSWORD));
+
+      mockMvc.perform(request).andExpect(status().isBadRequest());
+
+    } finally {
+      removeFileInSeparateThread(fileEntry);
+      removeProjectInSeparateThread(TEST_PROJECT);
+    }
+  }
+
   @Test
   public void modifyProjectWithTooLongName() throws Exception {
     createProjectInSeparateThread(TEST_PROJECT);