Access request should always be checked when transactions happen between two zones. This operation validates any UI actions before the form is rendered to the end user.
Set the system property "glide.security.strict.actions" to true.
Time to fix
This rule is linked to Common Weakness Enumeration CWE-862 Missing Authorization.