XWikiContextInitializationFilter, which initializes the XWiki context for GWT-RPC requests made by the WYSIWYG editor, resolves the current user relative to the main wiki:
This means that in a (domain-based, for path-based see
XWIKI-7739) XEM, a local user will be resolved as a global user. This doesn't affect recent versions of XWiki because the authentication code has been improved to return the full user reference which doesn't have to be resolved.
I managed to reproduce this problem on 4.1.4. One of the consequences of this issues is that, if you have a global user and a local user with the same name, then the local user cannot use the WYSIWYG editor functions that require a CSRF token because the GWT-RPC requests use the token of the global user while the edit form uses the token of the local user.