invenio_drafts_resources is vulnerability to privilege escalation. An authenticated user is able to publish draft records of other users via REST
API calls when they know the record identifier and the draft validates due to improper permission checks.