diff --git a/app/models/institution.rb b/app/models/institution.rb
index b4e747744..20e71b9b4 100644
--- a/app/models/institution.rb
+++ b/app/models/institution.rb
@@ -568,15 +568,15 @@ def self.unaccrediteds
           # :nocov:
           if state_country_search[1].present?
             state = state_country_search[1].upcase.strip
-            filters << "state = '#{state}'"
-            filters << "physical_state = '#{state}'"
+            filters << "state = '#{state.gsub("'", "''")}'"
+            filters << "physical_state = '#{state.gsub("'", "''")}'"
             filters << 'state IS NOT NULL'
             filters << 'physical_state IS NOT NULL'
           end
           if state_country_search[2].present?
             country = state_country_search[2].upcase.strip
-            filters << "country = '#{country}'"
-            filters << "physical_country = '#{country}'"
+            filters << "country = '#{country.gsub("'", "''")}'"
+            filters << "physical_country = '#{country.gsub("'", "''")}'"
             filters << 'country IS NOT NULL'
             filters << 'physical_country IS NOT NULL'
           end