The remote FreeBSD host is missing a security-related update.
The JSST and the Joomla! Security Center report :  - Core - Remote Code Execution Vulnerability Browser information is not filtered properly while saving the session values into the database which leads to a Remote Code Execution vulnerability.  - Core - CSRF Hardening Add additional CSRF hardening in com_templates.  - Core - Directory Traversal Failure to properly sanitize input data from the XML install file located within an extension's package archive allows for directory traversal.  - Core - Directory Traversal Inadequate filtering of request data leads to a Directory Traversal vulnerability.