This indicates an attack attempt against multiple Cross-Site Scripting vulnerabilities in Oracle GlassFish Server.
The vulnerability is due to insufficient sanitizing of user supplied inputs that are passed to a number of ".jsp" files parameters. A remote attacker may be able to exploit this to execute arbitrary script code within the context of the browser context of the application.
Oracle GlassFish Server 3.1.1
System Compromise: Remote attackers can execute arbitrary script code within the context of the browser.
Apply the latest update from the vendor.