Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to cross frame scripting.
apache atlas 0.6.0
apache atlas 0.7.0