This indicates an attack attempt against a Cross-Site Scripting (XSS) vulnerability in Joomla! CMS.
The vulnerability is due to inadequate filtering of specific HTML attributes which leads to XSS vulnerabilities in various Joomla! components. A remote attacker may be able to exploit this to execute arbitrary script code within the context of the application, via a crafted request.
Joomla! CMS versions 1.5.0 through 3.6.5
System Compromise : Remote attackers can execute arbitrary script code within the context of the target user's browser
Upgrade to Joomla! CMS version 3.7.0