Kgun, without knowing much (anything) about the plugin you are using, I do know the message you posted indicates someone attempted an XSS exploit on your forum, which the software picked up.

I think from the error message that the page you were viewing displays a description field for each user being listed, and that description field allows users to create their own content, including HTML code. A user then crafted the malicious description to attack either your administrative account or visitors' accounts when they viewed the description.

__________________
The best way to learn anything, is to question everything.