The issue is in the mobile apps as well as on the web interface.
I've asked sharefile support about this issue and got the following reply:
Allowing users to be added to the "My Files and Folders" section is a known issue with the mobile apps. Unfortunately, it is not possible to reverse these changes with either the app itself or the web interface.
In order to remove the user from the home folder, we would need to submit a request for our engineering team to complete this process on your behalf. Please let us know the user you want to be removed as well as which user's "My Files and Folders" section they were added to.
I find this very alarming. The whole concept of an enterprise secure filesharing system is gone. And Citrix just tells you, sorry... Known issue...
I trust Sharefile to share one folder or file with a colleague or an external person and instread they have access to all my files!!! Rather unbelievable Citrix won't fix this with highest priority.