From ${URL} : Common Vulnerabilities and Exposures assigned an identifier CVE-2013-6858 to the following vulnerability: Name: CVE-2013-6858 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6858 Assigned: 20131123 Reference: https://bugs.launchpad.net/horizon/+bug/1247675 Reference: SECUNIA:55770 Reference: http://secunia.com/advisories/55770 Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2013.2 and earlier allow local users to inject arbitrary web script or HTML via an instance name to (1) "Volumes" or (2) "Network Topology" page. @maintainer(s): since the package has never been marked as stable, we don't need to stabilize it. After the bump, please remove the affected versions from the tree.
CVE-2013-6858 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6858): Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2013.2 and earlier allow local users to inject arbitrary web script or HTML via an instance name to (1) "Volumes" or (2) "Network Topology" page.
looks like I already fixed this in tree (horizon-2013.1.4-r1.ebuild)
Already Cleaned up... Thank you. No GLSA needed as no stable versions available. Thank you for your work