A security flaw in Microsoft’s OneDrive File Picker has exposed millions of users to potential data overreach.

According to new findings from Oasis Security, the issue lies in how the picker requests OAuth permissions, granting applications broad access to a user’s entire OneDrive, rather than just the files selected for upload or download.

“It’s a classic case of over-permissioned OAuth scopes combined with a misleading consent flow,” explained Vijay Dilwale, principal security consultant at Black Duck.

Excessive Permissions Granted by Design

The Oasis Security report highlighted that hundreds of widely used web applications, including ChatGPT, Slack, Trello and ClickUp, integrate the OneDrive File Picker to streamline file uploads. However, these integrations request expansive read or write access across the user’s entire cloud storage.

“Oasis Security’s recent research highlights a major privacy and security issue,” said Eric Schwake, director of cybersecurity strategy at Salt Security.

“This problem enables these apps to obtain complete read access to a user’s entire OneDrive content instead of just the selected files for upload due to insufficiently detailed OAuth scopes.”

Version 7.0 of the File Picker, for instance, requires both read and write access even during upload processes. Meanwhile, older picker versions (6.0 to 7.2) also suffer from insecure handling of sensitive OAuth tokens, including use of URL fragments and localStorage.

Although Version 8.0 gives developers more control by externalizing authentication, the scopes themselves remain overly broad.

“Microsoft’s OneDrive File Picker encourages third-party web apps to request broad files,” said Jason Soroko, senior fellow at Sectigo.

“The consent dialog doesn’t convey that a click grants the integrator a door into every file and folder in the user’s OneDrive.”


Real-World Risks for Users and Organizations

The scope vulnerability doesn’t just create theoretical risk.

A candidate uploading a résumé via a recruitment platform like Phenome could unintentionally expose confidential employer documents if the résumé is pulled from corporate OneDrive storage.

“Users should assume that every SaaS plug-in they authorize has the keys to their personal or enterprise crown jewels unless proven otherwise,” Soroko warned.

“Security teams should enforce ‘admin consent’ or conditional-access policies that block apps requesting anything beyond files.read.”

Oasis Security identified several concerns:

File Picker permissions allow access to all files in a user’s OneDrive

Access tokens may persist for an hour or longer, with possible ongoing access if refresh tokens are used

Tokens have previously been stored insecurely in browser memory

Consent dialogs do not clearly communicate the extent of access

“This is a good opportunity to take a step back and review how cloud storage integrations are being used,” said Dilwale.

“Start with configuration reviews – look at which apps have access to OneDrive and what scopes they’ve been granted.”
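The configuration review Dilwale and Soroko describe can be automated against the tenant's consent records. The following is an added illustrative example, not code from Oasis Security, Microsoft or the quoted consultants: it grades delegated OAuth grants laid out in the shape Microsoft Graph returns from its oauth2PermissionGrants endpoint (space-separated `scope`, `consentType` of `Principal` or `AllPrincipals`), flagging any file scope wider than Files.Read, refresh-token capability (`offline_access`) and tenant-wide consent. The grant records, app names and the severity grading are constructed for this example.

```python
"""Review delegated OAuth grants for over-broad OneDrive/SharePoint access.

Added example (not from Oasis Security or Microsoft). Records are constructed in the
shape of Microsoft Graph `oauth2PermissionGrant` objects; in a real tenant they would be
paged from GET https://graph.microsoft.com/v1.0/oauth2PermissionGrants.
"""
from dataclasses import dataclass, field

# Real Microsoft Graph delegated permission names that reach beyond the user's own drive
# or add write access. Files.Read is the narrowest file scope the article's advice allows.
BROAD_FILE_SCOPES = {
    "Files.ReadWrite": "read and write the user's whole OneDrive",
    "Files.Read.All": "read every file the user can reach, incl. shared and SharePoint",
    "Files.ReadWrite.All": "read and write every file the user can reach",
    "Sites.Read.All": "read all SharePoint sites",
    "Sites.ReadWrite.All": "read and write all SharePoint sites",
}
BASELINE_FILE_SCOPE = "Files.Read"  # still whole-drive read, so it is reported, not ignored
REFRESH_SCOPE = "offline_access"    # issues refresh tokens: access outlives the access token

SEVERITY_RANK = {"high": 0, "medium": 1, "low": 2}


@dataclass
class Finding:
    app: str
    severity: str
    broad_scopes: list
    refresh_tokens: bool
    tenant_wide: bool
    reasons: list = field(default_factory=list)


def grade(broad_scopes, has_baseline, refresh_tokens, tenant_wide):
    """Severity rule used by this example: broad scopes are bad, and either a refresh
    token or tenant-wide consent escalates; Files.Read alone is low."""
    escalated = refresh_tokens or tenant_wide
    if broad_scopes and escalated:
        return "high"
    if broad_scopes or (has_baseline and escalated):
        return "medium"
    return "low"


def review_grants(grants):
    """Return one Finding per grant that touches files, highest severity first."""
    findings = []
    for g in grants:
        scopes = set(g["scope"].split())
        broad = sorted(scopes & BROAD_FILE_SCOPES.keys())
        has_baseline = BASELINE_FILE_SCOPE in scopes
        if not broad and not has_baseline:
            continue  # no file access at all: nothing to review here
        refresh = REFRESH_SCOPE in scopes
        tenant_wide = g.get("consentType") == "AllPrincipals"
        reasons = [f"{s}: {BROAD_FILE_SCOPES[s]}" for s in broad]
        if has_baseline and not broad:
            reasons.append("Files.Read: read access to the whole OneDrive, not just picked files")
        if refresh:
            reasons.append("offline_access: refresh tokens keep access alive after the session")
        if tenant_wide:
            reasons.append("AllPrincipals: admin-consented for every user in the tenant")
        findings.append(Finding(
            app=g["clientId"],
            severity=grade(broad, has_baseline, refresh, tenant_wide),
            broad_scopes=broad,
            refresh_tokens=refresh,
            tenant_wide=tenant_wide,
            reasons=reasons,
        ))
    findings.sort(key=lambda f: SEVERITY_RANK[f.severity])  # stable: input order kept within a rank
    return findings


# Constructed sample grants (app ids and scopes invented for this example).
SAMPLE_GRANTS = [
    {"clientId": "app-recruiting-portal", "consentType": "Principal", "principalId": "user-1",
     "scope": "Files.ReadWrite.All offline_access User.Read"},
    {"clientId": "app-chat-assistant", "consentType": "AllPrincipals", "principalId": None,
     "scope": "Files.Read User.Read"},
    {"clientId": "app-notes", "consentType": "Principal", "principalId": "user-2",
     "scope": "User.Read"},
    {"clientId": "app-board", "consentType": "Principal", "principalId": "user-3",
     "scope": "Files.Read offline_access"},
]

if __name__ == "__main__":
    for f in review_grants(SAMPLE_GRANTS):
        print(f"[{f.severity.upper()}] {f.app}")
        for r in f.reasons:
            print(f"    - {r}")
```

Apps graded high are the ones to revoke or re-scope first; the medium findings show that even Files.Read becomes a standing risk once refresh tokens or tenant-wide admin consent are attached, which is the combination the article's advice on blocking anything beyond files.read is meant to prevent.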

More Restrictive Models from Google and Dropbox

Compared to Microsoft’s approach, competitors have implemented safer defaults.

Google Drive uses fine-grained scopes like drive.file to restrict access to app-created or user-selected files. Meanwhile, Dropbox employs a custom picker that avoids OAuth altogether, retrieving only explicitly selected files.

Microsoft has reportedly acknowledged the report but has yet to announce changes.

Oasis Security is advising developers to avoid refresh tokens, limit scope requests and review existing integrations.

For users, Microsoft’s privacy settings can reveal which apps currently have access to their OneDrive accounts.