State field does not display for Security Incidents for Non-Admin users when field is manipulated from Script Include which is in a scoped application
Security Incident Response (com.snc.security_incident) plugin is activated
Field is manipulated from Script Include which is in application specific scope, but user user does not have execute operation access to client_callable_script_include Type ACL
Add the User Role - ITIL to execute ACL of type:client_callable_script_include in the same scope.
Here is a link to the ACL, replace <instance_name> with the actual instance name:
Note: For the Security Incident scoped app, OOB ACL sys_id=196bd0450b2132008f9108e3c5673aee