This indicates an attack attempt against a Code Injection vulnerability in PowerDNS Recursor.
The vulnerability exists in the web interface of PowerDNS Recursor, where the qname of DNS queries was displayed without any escaping. A remote attacker may be able to exploit this to injection arbitrary code into the web interface, thus, altering the content
PowerDNS Recursor from 4.0.0 to 4.0.6.
System Compromise : Remote attackers can execute arbitrary script code within the context of the target user's browser
Apply patch, available from the website.