hi i intend to backport the fix for OAK-9059 to the 1.10 and 1.22 branches. the risk should be very limited as it only requires modifications to o.a.j.oak.spi.security.authorization.cug.impl.NestedCugHook.
let me know i you have any concerns. kind regards angela https://issues.apache.org/jira/browse/OAK-9059