This indicates an attack attempt against a Cross-Site Scripting (XSS) vulnerability in Plone.
The vulnerability is due to Plone failing to properly sanitize the "came_from" parameter value that is passed to the login form. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application.
Plone versions before 4.3.16 and 5.0.10
System Compromise : Remote attackers can execute arbitrary script code within the context of the target user's browser
Upgrade to the latest version, available from the website.