CVE-2018-1328

Apache Zeppelin prior to 0.8.0 had a stored XSS issue via Note permissions. Issue reported by “Josna Joseph”.
Source: NIST
CVE-2018-1328