diff --git a/common/data/src/main/java/org/thingsboard/server/common/data/queue/Queue.java b/common/data/src/main/java/org/thingsboard/server/common/data/queue/Queue.java
index b4d65706a2..a6623be8a4 100644
--- a/common/data/src/main/java/org/thingsboard/server/common/data/queue/Queue.java
+++ b/common/data/src/main/java/org/thingsboard/server/common/data/queue/Queue.java
@@ -22,11 +22,17 @@ import org.thingsboard.server.common.data.SearchTextBasedWithAdditionalInfo;
 import org.thingsboard.server.common.data.id.QueueId;
 import org.thingsboard.server.common.data.id.TenantId;
 import org.thingsboard.server.common.data.tenant.profile.TenantProfileQueueConfiguration;
+import org.thingsboard.server.common.data.validation.Length;
+import org.thingsboard.server.common.data.validation.NoXss;
 
 @Data
 public class Queue extends SearchTextBasedWithAdditionalInfo<QueueId> implements HasName, HasTenantId {
     private TenantId tenantId;
+    @NoXss
+    @Length(fieldName = "name")
     private String name;
+    @NoXss
+    @Length(fieldName = "topic")
     private String topic;
     private int pollInterval;
     private int partitions;
diff --git a/dao/src/main/java/org/thingsboard/server/dao/service/validator/QueueValidator.java b/dao/src/main/java/org/thingsboard/server/dao/service/validator/QueueValidator.java
index c8ce639d40..a1d0df43d5 100644
--- a/dao/src/main/java/org/thingsboard/server/dao/service/validator/QueueValidator.java
+++ b/dao/src/main/java/org/thingsboard/server/dao/service/validator/QueueValidator.java
@@ -29,6 +29,8 @@ import org.thingsboard.server.dao.queue.QueueDao;
 import org.thingsboard.server.dao.service.DataValidator;
 import org.thingsboard.server.dao.tenant.TbTenantProfileCache;
 
+import java.util.regex.Pattern;
+
 @Component
 public class QueueValidator extends DataValidator<Queue> {
 
@@ -38,6 +40,8 @@ public class QueueValidator extends DataValidator<Queue> {
     @Autowired
     private TbTenantProfileCache tenantProfileCache;
 
+    private final Pattern queueTopicPattern = Pattern.compile("^[a-zA-Z0-9_.\\-]+$");
+
     @Override
     protected void validateCreate(TenantId tenantId, Queue queue) {
         if (queueDao.findQueueByTenantIdAndName(tenantId, queue.getName()) != null) {
@@ -76,8 +80,14 @@ public class QueueValidator extends DataValidator<Queue> {
         if (StringUtils.isEmpty(queue.getName())) {
             throw new DataValidationException("Queue name should be specified!");
         }
-        if (StringUtils.isBlank(queue.getTopic())) {
-            throw new DataValidationException("Queue topic should be non empty and without spaces!");
+        if (!queueTopicPattern.matcher(queue.getName()).matches()) {
+            throw new DataValidationException("Queue name contains a character other than ASCII alphanumerics, '.', '_' and '-'!");
+        }
+        if (StringUtils.isEmpty(queue.getTopic())) {
+            throw new DataValidationException("Queue topic should be specified!");
+        }
+        if (!queueTopicPattern.matcher(queue.getTopic()).matches()) {
+            throw new DataValidationException("Queue topic contains a character other than ASCII alphanumerics, '.', '_' and '-'!");
         }
         if (queue.getPollInterval() < 1) {
             throw new DataValidationException("Queue poll interval should be more then 0!");
diff --git a/dao/src/main/java/org/thingsboard/server/dao/service/validator/TenantProfileDataValidator.java b/dao/src/main/java/org/thingsboard/server/dao/service/validator/TenantProfileDataValidator.java
index ce15ec9e88..bfca262abf 100644
--- a/dao/src/main/java/org/thingsboard/server/dao/service/validator/TenantProfileDataValidator.java
+++ b/dao/src/main/java/org/thingsboard/server/dao/service/validator/TenantProfileDataValidator.java
@@ -34,6 +34,7 @@ import java.util.HashSet;
 import java.util.List;
 import java.util.Optional;
 import java.util.Set;
+import java.util.regex.Pattern;
 
 @Component
 public class TenantProfileDataValidator extends DataValidator<TenantProfile> {
@@ -45,6 +46,8 @@ public class TenantProfileDataValidator extends DataValidator<TenantProfile> {
     @Lazy
     private TenantProfileService tenantProfileService;
 
+    private final Pattern queueTopicPattern = Pattern.compile("^[a-zA-Z0-9_.\\-]+$");
+
     @Override
     protected void validateDataImpl(TenantId tenantId, TenantProfile tenantProfile) {
         if (StringUtils.isEmpty(tenantProfile.getName())) {
@@ -110,8 +113,14 @@ public class TenantProfileDataValidator extends DataValidator<TenantProfile> {
         if (StringUtils.isEmpty(queue.getName())) {
             throw new DataValidationException("Queue name should be specified!");
         }
-        if (StringUtils.isBlank(queue.getTopic())) {
-            throw new DataValidationException("Queue topic should be non empty and without spaces!");
+        if (!queueTopicPattern.matcher(queue.getName()).matches()) {
+            throw new DataValidationException("Queue name contains a character other than ASCII alphanumerics, '.', '_' and '-'!");
+        }
+        if (StringUtils.isEmpty(queue.getTopic())) {
+            throw new DataValidationException("Queue topic should be specified!");
+        }
+        if (!queueTopicPattern.matcher(queue.getTopic()).matches()) {
+            throw new DataValidationException("Queue topic contains a character other than ASCII alphanumerics, '.', '_' and '-'!");
         }
         if (queue.getPollInterval() < 1) {
             throw new DataValidationException("Queue poll interval should be more then 0!");
diff --git a/ui-ngx/src/app/modules/home/components/queue/queue-form.component.html b/ui-ngx/src/app/modules/home/components/queue/queue-form.component.html
index 6c34e0111f..6e291e9e23 100644
--- a/ui-ngx/src/app/modules/home/components/queue/queue-form.component.html
+++ b/ui-ngx/src/app/modules/home/components/queue/queue-form.component.html
@@ -26,6 +26,9 @@
     <mat-error *ngIf="queueFormGroup.get('name').hasError('unique')">
       {{ 'queue.name-unique' | translate }}
     </mat-error>
+    <mat-error *ngIf="queueFormGroup.get('name').hasError('pattern')">
+      {{ 'queue.name-pattern' | translate }}
+    </mat-error>
   </mat-form-field>
   <mat-accordion class="queue-strategy" [multi]="true">
     <mat-expansion-panel [expanded]="true">
diff --git a/ui-ngx/src/app/modules/home/components/queue/queue-form.component.ts b/ui-ngx/src/app/modules/home/components/queue/queue-form.component.ts
index b84dfc9985..30df2ff7ae 100644
--- a/ui-ngx/src/app/modules/home/components/queue/queue-form.component.ts
+++ b/ui-ngx/src/app/modules/home/components/queue/queue-form.component.ts
@@ -99,7 +99,7 @@ export class QueueFormComponent implements ControlValueAccessor, OnInit, OnDestr
   ngOnInit() {
     this.queueFormGroup = this.fb.group(
       {
-        name: ['', [Validators.required]],
+        name: ['', [Validators.required, Validators.pattern(/^[a-zA-Z0-9_.\-]+$/)]],
         pollInterval: [25, [Validators.min(1), Validators.required]],
         partitions: [10, [Validators.min(1), Validators.required]],
         consumerPerPartition: [false, []],
diff --git a/ui-ngx/src/assets/locale/locale.constant-en_US.json b/ui-ngx/src/assets/locale/locale.constant-en_US.json
index 0286b5f9d2..747a12c336 100644
--- a/ui-ngx/src/assets/locale/locale.constant-en_US.json
+++ b/ui-ngx/src/assets/locale/locale.constant-en_US.json
@@ -2928,6 +2928,7 @@
         "name": "Name",
         "name-required": "Queue name is required!",
         "name-unique": "Queue name is not unique!",
+        "name-pattern": "Queue name contains a character other than ASCII alphanumerics, '.', '_' and '-'!",
         "queue-required": "Queue is required!",
         "topic-required": "Queue topic is required!",
         "poll-interval-required": "Poll interval is required!",