diff --git a/CHANGELOG.md b/CHANGELOG.md index b88af16b..b2aed469 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,13 @@ # Changelog +## v3.0.1, 2018-04-17 + +- Added Yellow CMS third party integration. (so-ri) + +This release contains changes relevant to security: + +- Fixed XSS vulnerability discovered by JoJoAction in twitter service. (liayn) + ## v3.0.0, 2018-03-15 - Added smaller share button variants. (richard67) diff --git a/README-de.md b/README-de.md index 647823db..a22a2a6a 100644 --- a/README-de.md +++ b/README-de.md @@ -13,14 +13,15 @@ Shariff besteht aus zwei Teilen. Der erste Teil ist eine einfache JavaScript-Bib ## Erste Schritte 1. Das [aktuellste Shariff-Release](https://github.com/heiseonline/shariff/releases/latest) herunterladen -2. CSS im `` einbinden: - * `build/shariff.complete.css` enthält alle Abhängigkeiten - * `build/shariff.min.css` verwenden, wenn [Font Awesome](https://github.com/FortAwesome/Font-Awesome) bereits in Ihrer Seite geladen wird -3. JavaScript unmittelbar vor `` einbinden: - * `build/shariff.complete.js` enthält alle Abhängigkeiten - * `build/shariff.min.js` verwenden, wenn [jQuery](https://github.com/jquery/jquery) bereits in der Seite vorhanden ist -4. Beliebig viele `
` Elemente einfügen -5. Mit den unten beschriebenen `data`-Attributen Aussehen und Funktion konfigurieren +2. Alle im Release enthaltenen Dateien hochladen +3. CSS im `` einbinden: + * `shariff.complete.css` verlässt sich auf die im Release enthaltenen Abhängigkeiten + * `shariff.min.css` verwenden, wenn [Font Awesome](https://github.com/FortAwesome/Font-Awesome) bereits in Ihrer Seite geladen wird +4. JavaScript unmittelbar vor `` einbinden: + * `shariff.complete.js` verlässt sich auf die im Release enthaltenen Abhängigkeiten + * `shariff.min.js` verwenden, wenn [jQuery](https://github.com/jquery/jquery) bereits in der Seite vorhanden ist +5. Beliebig viele `
` Elemente einfügen +6. Mit den unten beschriebenen `data`-Attributen Aussehen und Funktion konfigurieren Die Share-Counts in den Buttons benötigen ein [Backend](#backends) auf ihrem Server. @@ -188,3 +189,4 @@ Bekannte Shariff-Integrationen für Drittanbieter-Systeme: * [WordPress-Plugin Shariff Wrapper](https://wordpress.org/plugins/shariff/) * [Xenforo [ITM] ctSSB für Xenforo 1.5](https://github.com/McAtze/-ITM-ctShariffSocialButtons) * [Xenforo [WMTech] Social Share Privacy Plugin](https://wmtech.net/products/wmtech-social-share-privacy.41/) +* [Yellow Plugin Shariff](https://github.com/schulle4u/yellow-plugin-shariff) diff --git a/README.md b/README.md index c4251d2d..82b9c47f 100644 --- a/README.md +++ b/README.md @@ -14,14 +14,15 @@ Shariff consists of two parts: a simple JavaScript client library and an optiona ## Getting Started 1. Download the [latest release](https://github.com/heiseonline/shariff/releases/latest) -2. Include CSS in ``: - * `build/shariff.complete.css` contains all dependencies +2. Upload all files included in the release +3. Include CSS in ``: + * `shariff.complete.css` uses the dependencies included in the release files * if [Font Awesome](https://github.com/FortAwesome/Font-Awesome) is already included in your site, use `build/shariff.min.css` -3. Include JavaScript right before ``: - * `build/shariff.complete.js` contains all dependencies +4. Include JavaScript right before ``: + * `shariff.complete.js` uses the dependencies included in the release files * if [jQuery](https://github.com/jquery/jquery) is already included in your site, use `build/shariff.min.js` -4. Insert one or more `
` elements. -5. Customize the look using data-* attributes. +5. Insert one or more `
` elements. +6. Customize the look using data-* attributes. To enable the counters in the buttons, see section [Backends](#backends). @@ -190,3 +191,4 @@ This is a list of integrations for third-party systems: * [WordPress Plugin Shariff Wrapper](https://wordpress.org/plugins/shariff/) * [Xenforo [ITM] ctSSB for Xenforo 1.5](https://github.com/McAtze/-ITM-ctShariffSocialButtons) * [Xenforo [WMTech] Social Share Privacy Plugin](https://wmtech.net/products/wmtech-social-share-privacy.41/) +* [Yellow Plugin Shariff](https://github.com/schulle4u/yellow-plugin-shariff) diff --git a/package-lock.json b/package-lock.json index b9b535c2..a1baec15 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,9 +1,14 @@ { "name": "shariff", - "version": "2.0.4", + "version": "3.0.1", "lockfileVersion": 1, "requires": true, "dependencies": { + "@fortawesome/fontawesome-free-webfonts": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/@fortawesome/fontawesome-free-webfonts/-/fontawesome-free-webfonts-1.0.3.tgz", + "integrity": "sha512-ZWCFi5hly41jWbVmpmfx97WoGh/8dMDQknrFL6Ax7T7ht4AIZOYL7dmLfrVVI8vsml7VCZvKSImLeHubHbyDQA==" + }, "accepts": { "version": "1.3.3", "resolved": "https://registry.npmjs.org/accepts/-/accepts-1.3.3.tgz", @@ -3757,11 +3762,6 @@ "integrity": "sha1-2uRqnXj74lKSJYzB54CkHZXAN4I=", "dev": true }, - "@fortawesome/fontawesome-free-webfonts": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/@fortawesome/fontawesome-free-webfonts/-/fontawesome-free-webfonts-1.0.3.tgz", - "integrity": "sha512-ZWCFi5hly41jWbVmpmfx97WoGh/8dMDQknrFL6Ax7T7ht4AIZOYL7dmLfrVVI8vsml7VCZvKSImLeHubHbyDQA==" - }, "for-in": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/for-in/-/for-in-1.0.2.tgz", diff --git a/package.json b/package.json index dc82eeee..bc84968d 100644 --- a/package.json +++ b/package.json 
@@ -1,6 +1,6 @@
 {
 "name": "shariff",
- "version": "3.0.0",
+ "version": "3.0.1",
 "description": "Shariff enables website users to share their favorite content without compromising their privacy.",
 "main": "src/js/shariff.js",
 "scripts": {
diff --git a/src/js/services/twitter.js b/src/js/services/twitter.js
index 27d13686..596c7f02 100644
--- a/src/js/services/twitter.js
+++ b/src/js/services/twitter.js
@@ -5,7 +5,8 @@ var url = require('url')
 // abbreviate at last blank before length and add "\u2026" (horizontal ellipsis)
 var abbreviateText = function(text, length) {
 var div = document.createElement('div')
- div.innerHTML = text
+ var node = document.createTextNode(text)
+ div.appendChild(node)
 var abbreviated = div.textContent
 if (abbreviated.length <= length) {
 return text
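Review bot: With the text node replacing `div.innerHTML = text`, the div round trip in abbreviateText is now an identity operation: `div.textContent` returns `text` unchanged, so markup is no longer parsed (the intended XSS fix) but HTML entities such as `&amp;` are no longer decoded either. If callers can still pass entity-encoded titles, which is not visible from this hunk, the tweet text will carry the raw entities. Decoding in an inert document, e.g. `var abbreviated = new DOMParser().parseFromString(text, 'text/html').body.textContent`, would keep the old output without running handlers from the parsed markup. Otherwise the two DOM calls can be dropped for `var abbreviated = String(text)`, with a comment such as `// text is untrusted: never assign it to innerHTML (XSS, fixed in v3.0.1)` so the sink is not reintroduced later. The function body continues past the end of the hunk.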