- Type: Bug
- Resolution: Fixed
- Priority: High
- Affects Version/s: 2.5.7, 2.8
- Component/s: None
- Environment: Debian Linux, Tomcat 5.5.23, MySQL 5.0, jdk1.6.0_02
A customer has discovered that some users who had no permission to edit or even view a page are listed in the "Recent Changes" section in the Info view of that page.
Since this Confluence installation is used in a secure environment, it has caused distrust and lots of work for the root cause analysis.
To reproduce:
1. Create two spaces, make one of them private.
2. In the private space, link to a page in the public page.
3. On the public page, add an attachment.
4. Whenever a new version of the same file is uploaded, the user uploading the file is listed as having modified not only the public page, but also the page in the private space linking to the public page.
With Confluence 2.5.7, deleting or adding attachments or editing the public page does not have an effect on the page in the private space. I think this is the expected behaviour.
With Confluence 2.8 it is even worse: modifying the page text, modifying or adding an attachment (but not deleting an attachment) lists the user as someone who has tampered with the private page.
I have marked this bug as critical because users may think that Confluence's permission system is broken, which would be a big problem for Atlassian, at least PR-wise.
- relates to CONFSERVER-8217: When moving attachments, the "update links" option updates ALL pages with reference to ANY attachment on the page (Closed)