This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects attempts of leveraging BrowserExploitServer module of Metasploit which could lead to sensitive information leak.
The BrowserExploitServer mixin of Metasploit is the only mixin specially designed for browser exploitation.
The mixin will then tag the browser to track the session. It will also use the same tag to retrieve the profile when needed.
Before the mixin decides if it should serve the exploit to the browser, it will check with the module for any exploitable requirements. If the requirements aren't met, it will send a 404 to the browser, and the operation bails.
Metasploit browser exploits leverages this module to determine if feasible to exploit further.