An issue was discovered in Siren Investigate before 12.1.7. Script variable whitelisting is insufficiently sandboxed.
https://docs.support.siren.io/siren-platform-user-guide/13.0/release-notes.html
https://docs.support.siren.io/siren-platform-user-guide/12.1/release-notes.html