Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud

Researchers have discovered a security flaw in Microsoft's OneDrive File Picker. If successfully exploited, the flaw could allow websites to access a user's entire cloud storage content. "This stems from overly broad OAuth scopes and misleading consent screens," the researchers say.