Apache Atlas versions 0.8.3 and 1.1.0 were found vulnerable to Stored Cross-Site Scripting in the search functionality
apache atlas 1.1.0
apache atlas 0.8.3