In the newer version of helical insight 4.1 GA onwards a lot of additional security fixes have been added so as to avoid any sqlinjection and other security flaws.
You can read about the security settings on the blog. It seems like you are using custom column, or filter expression which is not complying with the newer security expressiosn.
The security settings can be changed in the file defaults.properties located at …/hi/hi-repository/System/Admin/. If you are migrating from an older version you can change it to default on line no 68 and 70 so that your custom columns and other things work as is. Then you can start working on migrating it and making it compatible to strict-metadata to address the security related issues. In strict-metadata, in order to use SQL queries in the custom column or filter values, you need to use fully qualified column names.
Please go through the blog to learn about the same in more details.