diff --git a/sys-cluster/ganglia-web/Manifest b/sys-cluster/ganglia-web/Manifest
new file mode 100644
index 0000000..94c4b6a
--- /dev/null
+++ b/sys-cluster/ganglia-web/Manifest
@@ -0,0 +1,4 @@
+AUX CVE-2013-6395-fix-xss.patch 922 SHA256 42cb7108991ef3061f9a34710b29fda75bc4635bcc6f824fb1115fd4f0277159 SHA512 6ea9694203f5402eb84bf412db6f8c687872a6ab0bea1a0645d92e7852b4a8542f48420442e451042c032d43056ba07d23fd09344d45533017ebdebf111ec556 WHIRLPOOL 785701d303c8649a1d7ac830272f703e7a26f10b0a5d840898f8a36a6d4d1075d1f442f4455d266d978574bc81424ef772e529bc7f5c0a8232f59fcf676f6b05
+DIST ganglia-web-3.7.2.tar.gz 704632 SHA256 98820187c98d24d3645b92d31060623de696dad331a361a19874898339523628 SHA512 033b00923a4cf7f342a44de9e37da67411992054e7f103fa09d91bbd125fb9066cc4e77ae5011810d7d926e2997b48d30e3d505d83239cd4c0a6b996a7679f8d WHIRLPOOL 3af95583cacd81deb9516a1dcbd036a8d16a254b8997fd0307812b1b471e888b4716b496c367bb1a545f6305bff2275a95145ba322b55ba6fea03c93acde0f26
+EBUILD ganglia-web-3.7.2.ebuild 1186 SHA256 b0b7f2090b784272665dec6f54800a2b4c5d57fc850f599b0e20f27fda307349 SHA512 18367067f78bd4267d090f53769507a4e2469ab2af3d3eb34bd56eab8b112962aa9561f3b56e1eaae7f5687980fedd99d7f39c870043fb745f1e541bcdd91e10 WHIRLPOOL 0ccbb9945e7fdb1f68eb2c23ad4b88874cb31ebcd9645ec5d791e1da058f5a59ade11bfe2494b51e43e691e736c9efce4f1dcbdd112edf7081b6968d3bef9d5e
+MISC metadata.xml 334 SHA256 a0156eea226535177cb784d92cec49e67ab431b69a129bd5f792d2b11804ccde SHA512 9b58ae22b5ef2ebe1d7b247b179273a68033ccbc01c78969a2ec10a2a3932432ea4328b91e192b30dcef84381313fff1d26fc0e4d7e4cf70f0a36aa9c3cd8a63 WHIRLPOOL 7a92b4c49c9d0a34865d7e5ff49dccc327e2b8f12e58c9ae494757c6d40ace8819027d23dc382f9ab53cbefbe74f0e046d51fbec63e8d6ad705a400a21ebb224
diff --git a/sys-cluster/ganglia-web/files/CVE-2013-6395-fix-xss.patch b/sys-cluster/ganglia-web/files/CVE-2013-6395-fix-xss.patch
new file mode 100644
index 0000000..6f49bbe
--- /dev/null
+++ b/sys-cluster/ganglia-web/files/CVE-2013-6395-fix-xss.patch
@@ -0,0 +1,27 @@
+From a014c9542710ad50fd1a7fd1eb39b44261edf3a2 Mon Sep 17 00:00:00 2001
+From: Justin Bronder <jsbronder@gmail.com>
+Date: Mon, 23 Dec 2013 11:39:03 -0500
+Subject: [PATCH] CVE-2013-6395 fix xss
+
+https://bugs.gentoo.org/show_bug.cgi?id=492580
+http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6395
+---
+ header.php | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/header.php b/header.php
+index d0a30c2..e1cb0e8 100755
+--- a/header.php
++++ b/header.php
+@@ -485,7 +485,7 @@ $data->assign("custom_time", $custom_time);
+ /////////////////////////////////////////////////////////////////////////
+ if ( $context == "cluster" ) {
+   if ( isset($user['host_regex']) && $user['host_regex'] != "" )
+-    $set_host_regex_value="value='" . $user['host_regex'] . "'";
++    $set_host_regex_value="value='" . htmlentities($user['host_regex'], ENT_QUOTES) . "'";
+   else
+     $set_host_regex_value="";
+ 
+-- 
+1.8.3.2
+
diff --git a/sys-cluster/ganglia-web/ganglia-web-3.7.2.ebuild b/sys-cluster/ganglia-web/ganglia-web-3.7.2.ebuild
new file mode 100644
index 0000000..e759724
--- /dev/null
+++ b/sys-cluster/ganglia-web/ganglia-web-3.7.2.ebuild
@@ -0,0 +1,60 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=4
+WEBAPP_MANUAL_SLOT="yes"
+inherit webapp eutils
+
+DESCRIPTION="Web frontend for sys-cluster/ganglia"
+HOMEPAGE="http://ganglia.sourceforge.net"
+SRC_URI="mirror://sourceforge/ganglia/${PN}/${PV}/${P}.tar.gz"
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~x86"
+IUSE="vhosts"
+
+DEPEND="net-misc/rsync"
+RDEPEND="
+	${DEPEND}
+	${WEBAPP_DEPEND}
+	>=sys-cluster/ganglia-3.7.0[-minimal]
+	dev-lang/php[gd,xml,ctype,cgi]
+	media-fonts/dejavu"
+
+src_configure() {
+	return 0
+}
+
+src_compile() {
+	return 0
+}
+
+src_prepare() {
+	epatch "${FILESDIR}"/CVE-2013-6395-fix-xss.patch
+}
+
+src_install() {
+	webapp_src_preinst
+	cd "${S}"
+	emake \
+		GDESTDIR="${MY_HTDOCSDIR}" \
+		DESTDIR="${D}" \
+		APACHE_USER=nobody \
+		install || die
+	webapp_configfile "${MY_HTDOCSDIR}"/conf_default.php
+	webapp_src_install
+
+	fowners -R nobody:nobody /var/lib/ganglia-web/dwoo
+	fperms -R 777 /var/lib/ganglia-web/dwoo
+
+	dodoc AUTHORS README TODO || die
+}
+
+pkg_postinst() {
+	webapp_pkg_postinst
+
+	# upgrade from < 3.5.6
+	if [ -d "${ROOT}"/var/lib/ganglia/dwoo ]; then
+		rm -rf "${ROOT}"/var/lib/ganglia/dwoo || die
+	fi
+}
diff --git a/sys-cluster/ganglia-web/metadata.xml b/sys-cluster/ganglia-web/metadata.xml
new file mode 100644
index 0000000..89825de
--- /dev/null
+++ b/sys-cluster/ganglia-web/metadata.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<maintainer type="project">
+		<email>cluster@gentoo.org</email>
+		<name>Gentoo Cluster Project</name>
+	</maintainer>
+	<upstream>
+		<remote-id type="sourceforge">ganglia</remote-id>
+	</upstream>
+</pkgmetadata>