diff --git a/package.json b/package.json
index 98921dbc..d9ed25d7 100644
--- a/package.json
+++ b/package.json
@@ -36,6 +36,7 @@
 		"chalk": "^3.0.0",
 		"cosmiconfig": "^6.0.0",
 		"del": "^4.1.0",
+		"escape-goat": "^3.0.0",
 		"escape-string-regexp": "^2.0.0",
 		"execa": "^4.0.0",
 		"github-url-from-git": "^1.5.0",
diff --git a/source/ui.js b/source/ui.js
index d516da14..d89217f9 100644
--- a/source/ui.js
+++ b/source/ui.js
@@ -2,6 +2,7 @@
 const inquirer = require('inquirer');
 const chalk = require('chalk');
 const githubUrlFromGit = require('github-url-from-git');
+const {htmlEscape} = require('escape-goat');
 const isScoped = require('is-scoped');
 const util = require('./util');
 const git = require('./git-util');
@@ -36,7 +37,7 @@ const printCommitLog = async (repoUrl, registryUrl) => {
 	}).join('\n');
 
 	const releaseNotes = nextTag => commits.map(commit =>
-		`- ${commit.message}  ${commit.id}`
+		`- ${htmlEscape(commit.message)}  ${commit.id}`
 	).join('\n') + `\n\n${repoUrl}/compare/${latest}...${nextTag}`;
 
 	const commitRange = util.linkifyCommitRange(repoUrl, `${latest}...master`);