This script is Copyright (C) 2008-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
The Drupal Project reports :
The aggregator module fetches items from RSS feeds and makes them
available on the site. The module provides an option to remove items
from a particular feed. This has been implemented as a simple GET
request and is therefore vulnerable to cross site request forgeries.
For example: Should a privileged user view a page containing an <img>
tag with a specially constructed src pointing to a remove items URL,
the items would be removed.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 4.3