The remote FreeBSD host is missing a security-related update.
The JSST and the Joomla! Security Center report :  - Core - ACL Violation Inadequate ACL checks in com_content provide potential read access to data which should be access restricted to users with edit_own level.  - Core - XSS Vulnerability Inadequate escaping leads to XSS vulnerability in mail component.  - Core - CSRF Add additional CSRF hardening in com_joomlaupdate.