...
Sent following email to Johari, Adib, Wajahat and Saqib:
There is a modified version of the PingER traceroute.pl CGI script. The new version sanitizes the QUERY_STRING variables to prevent some just exposed cross-site-scripting (XSS, see for example https://en.wikipedia.org/wiki/Cross-site_scripting) vulnerabilities. It is recommended that you replace the existing traceroute.pl script at your site with the new version, i.e. get (e.g. using wget) traceroute.pl from http://www.slac.stanford.edu/comp/net/traceroute/traceroute.pl and install in your CGI directory (often /var/www/cgi-bin or /usr/local/cgi-bin or /usr/lib/cgi-bin or /var/www/cgi-bin). You may need to make it executable with the command chmod a+x traceroute.pl. You can test it by loading the URL http://yourwebserver/cgi-bin/traceroute.pl.
Please let Les know if this is clear and follow instructions. Then Les will send to all active MA contacts. Les has created a mailing group for them.
Working with Saqib to test pinger2.pl to make it work with IPv6 servers and targets.
...