ibose Juggernaut Tuesday at 1:37 AM #1

OneDrive File Picker OAuth Flaw Exposes Full Drive Access
Oasis Security reveals a OneDrive File Picker flaw allowing full drive read access via OAuth, affecting apps like ChatGPT, Slack, Trello, and ClickUp.
www.oasis.security

For those who use OneDrive, the flaw is in the file picker; mitigation steps are included.

iamX Contributor Tuesday at 8:12 AM #2

Thanks for sharing. I guess there will always be some security vulnerability or the other. Another reason to stick with known GPT and AI solutions.

ibose Juggernaut Tuesday at 8:38 AM #3

iamX said: Another reason to stick with known GPT and AI solutions.

Not sure how this will help when the vulnerability is in OneDrive.

iamX Contributor Tuesday at 8:46 AM #4

ibose said: Not sure how this will help when the vulnerability is in OneDrive.

I meant I'd hope for ChatGPT and Gemini to not take advantage of that vulnerability, unlike a Chinese AI/App. Or maybe it's just hoping against hope.

bruhhh123 Beginner Tuesday at 9:27 AM #5

Might be a stupid question, but most corporates use Microsoft services and OneDrive. So does this mean most of this data is compromised?

ibose Juggernaut Tuesday at 9:43 AM #6

bruhhh123 said: Might be a stupid question, but most corporates use Microsoft services and OneDrive. So does this mean most of this data is compromised?

It would be locked down for internal usage only and to prevent access to third party apps and services.