Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud Access — Even When Uploading Just One File The Hacker Newsinfo@thehackernews.com (The Hacker News)

Cybersecurity researchers have discovered a security flaw in Microsoft’s OneDrive File Picker that, if successfully exploited, could allow websites to access a user’s entire cloud storage content, as opposed to just the files selected for upload via the tool.
“This stems from overly broad OAuth scopes and misleading consent screens that fail to clearly explain the extent of access being granted, Cybersecurity researchers have discovered a security flaw in Microsoft’s OneDrive File Picker that, if successfully exploited, could allow websites to access a user’s entire cloud storage content, as opposed to just the files selected for upload via the tool.
“This stems from overly broad OAuth scopes and misleading consent screens that fail to clearly explain the extent of access being granted,

In The News

Tech Jacks
Derrick Jackson is a IT Security Professional with over 10 years of experience in Cybersecurity, Risk, & Compliance and over 15 Years of Experience in Enterprise Information Technology

Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud Access — Even When Uploading Just One File The Hacker [email protected] (The Hacker News)

Like this:

Leave A Reply

Leave a Reply Cancel reply

Blog

Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud Access — Even When Uploading Just One File The Hacker [email protected] (The Hacker News)

Share this:

Like this:

Leave A Reply

Leave a Reply Cancel reply

Blog