After applying the patch(es) from
EZP-19158 (limitation on Group in createPermissionCheckingSQL is very slow in sites with populated groups),
an existing extended attribute filter no longer works as intended.
The generated SQL query is invalid.
The filter may be modified to work, by changing the 'from' and 'where' elements to be compatible with the now used 'INNER JOIN' query.
(In this case, documentation should reflect this change).