You or your hosting provider enabled ModSecurity, a web application firewall (WAF). Apparently Q2A is using some relative paths (something like https://example.org/foo/../bar), which ModSecurity doesn't like, because they look like Path Traversal attacks. Hence the error.
AFAICS you can either configure ModSecurity to allow these paths, or disable ModSecurity entirely. WAFs in general tend to require a lot of fine-tuning, therefore I do not recommend using them unless you specifically know what you need them for and are prepared to put in the additional time and effort (which might be better spent on the configuration of the actual webserver).
If you choose to stick with ModSecurity, this tutorial might be helpful. |