diff --git a/Library/Homebrew/cask/audit.rb b/Library/Homebrew/cask/audit.rb
index 63dd5d234d..279c3e3550 100644
--- a/Library/Homebrew/cask/audit.rb
+++ b/Library/Homebrew/cask/audit.rb
@@ -233,7 +233,6 @@ module Cask
       return unless cask.version
 
       check_no_string_version_latest
-      check_no_file_separator_in_version
     end
 
     def check_no_string_version_latest
@@ -243,14 +242,6 @@ module Cask
       add_error "you should use version :latest instead of version 'latest'"
     end
 
-    def check_no_file_separator_in_version
-      odebug "Verifying version does not contain '#{File::SEPARATOR}'"
-      return unless cask.version.raw_version.is_a?(String)
-      return unless cask.version.raw_version.include?(File::SEPARATOR)
-
-      add_error "version should not contain '#{File::SEPARATOR}'"
-    end
-
     def check_sha256
       return unless cask.sha256
 
diff --git a/Library/Homebrew/cask/dsl/version.rb b/Library/Homebrew/cask/dsl/version.rb
index 1de6ed2ccd..009477ff1a 100644
--- a/Library/Homebrew/cask/dsl/version.rb
+++ b/Library/Homebrew/cask/dsl/version.rb
@@ -19,7 +19,7 @@ module Cask
 
       MAJOR_MINOR_PATCH_REGEX = /^([^.,:]+)(?:.([^.,:]+)(?:.([^.,:]+))?)?/.freeze
 
-      INVALID_CHARACTERS = /[^0-9a-zA-Z.,:\-_]/.freeze
+      INVALID_CHARACTERS = /[^0-9a-zA-Z.,:\-_+% ]/.freeze
 
       class << self
         private
@@ -68,10 +68,13 @@ module Cask
       def initialize(raw_version)
         @raw_version = raw_version
         super(raw_version.to_s)
+
+        invalid = invalid_characters
+        raise TypeError, "#{raw_version} contains invalid characters: #{invalid.uniq.join}!" if invalid.present?
       end
 
       def invalid_characters
-        return [] if latest?
+        return [] if raw_version.blank? || latest?
 
         raw_version.scan(INVALID_CHARACTERS)
       end
diff --git a/Library/Homebrew/test/cask/audit_spec.rb b/Library/Homebrew/test/cask/audit_spec.rb
index 4e0feb6635..23d0009db9 100644
--- a/Library/Homebrew/test/cask/audit_spec.rb
+++ b/Library/Homebrew/test/cask/audit_spec.rb
@@ -1011,24 +1011,5 @@ describe Cask::Audit, :cask do
         expect(audit.cask.url.cookies).to eq "foo" => "bar"
       end
     end
-
-    context "when the version contains a slash" do
-      let(:cask_token) { "foo" }
-      let(:cask) do
-        tmp_cask cask_token.to_s, <<~RUBY
-          cask '#{cask_token}' do
-            version '0.1,../../directory/traversal'
-            sha256 '8dd95daa037ac02455435446ec7bc737b34567afe9156af7d20b2a83805c1d8a'
-            url 'https://brew.sh/foo.zip'
-            name 'Audit'
-            desc 'Audit Description'
-            homepage 'https://brew.sh'
-            app 'Audit.app'
-          end
-        RUBY
-      end
-
-      it { is_expected.to fail_with(%r{version should not contain '/'}) }
-    end
   end
 end
diff --git a/Library/Homebrew/test/cask/dsl/version_spec.rb b/Library/Homebrew/test/cask/dsl/version_spec.rb
index 12f5db7dad..a8164b30f5 100644
--- a/Library/Homebrew/test/cask/dsl/version_spec.rb
+++ b/Library/Homebrew/test/cask/dsl/version_spec.rb
@@ -52,6 +52,14 @@ describe Cask::DSL::Version, :cask do
 
   let(:version) { described_class.new(raw_version) }
 
+  describe "#initialize" do
+    it "raises an error when the version contains a slash" do
+      expect {
+        described_class.new("0.1,../../directory/traversal")
+      }.to raise_error(TypeError, %r{invalid characters: /})
+    end
+  end
+
   describe "#==" do
     subject { version == other }