In the past we identified issues when we used certain type of special characters e.g $$ in password. You'd know we practically had $$ everywhere within the product.
This to me see like a similar issue and would need Engineering intervention to see if % is a reserve word or is product code chopping something before or after or encoding %.
You'd be better off raising a Support case as well. Just add this link in the Support and save you the hassle of explaining from ground zero. You'd need to provide fiddler trace, webagent.log, webagenttrace.log, smps.log, smaccess.log, smtracedefault.log and most important for now just use login.fcc to prove OOB doesn't work.