Maybe you can create a "modification task" for the submitter and cancel it when the approval task ends.
If you put both approval task and modification task in a fork and only let the save button in the modification form (so it is never validated from the form)... I think it should do the trick.
Never done that though... it's just an idea. I'm pretty sure there are some other (better?) solutions.
Maybe you can add a transition from the node where the process instance is located after the data has been submitted pointing back to the initial state (the one related to the input of data). Programatically you can choose which path the token is going to follow.
Other approach we have used is to have two phases in the input stage:
- At the first part, the user only inputs data and saves it. At any time he can modify it and save it again.
- Only when the user is sure the data is correct he commits it, and only then the corresponding process instance is signalled to the next state.
This way we avoid moving the token back and let the user confirm the information he is sending.