This indicates attack attempts against multiple Persistence Cross Site Scripting vulnerabilities in Apache Struct framework.
The vulnerabilities is caused because the vulnerable application fails to sanitise user-supplied input. Successful attacks may allow an attacker to execute arbitrary HTML code in a user's browser session in the context of a vulnerable application.
Apache struts 2.2.3 and prior.
System Compromise: Remote attackers can execute arbitrary script code within the context of the target user's browser.
Upgrade to the latest version, available from the web site.