This indicates an attack attempt against a Directory Traversal vulnerability in Koha.
The vulnerability is caused by an error when the vulnerable software handles a http request with malicious KohaOpacLanguage cookie. A remote attacker can exploit this to gain unauthorized access to sensitive information.
Koha 3.4 before 3.4.7 and 3.6 before 3.6.1
Information Disclosure: Remote attacker can gain sensitive information from vulnerable systems.
Refer to the vendor's web site for suggested workaround.