Comment by echoangle
19 hours ago
I think you can put malicious data in the bucket and „impersonate“ the deleted bucket, so old code referencing the bucket uses your data instead of throwing an error (?).
19 hours ago
I think you can put malicious data in the bucket and „impersonate“ the deleted bucket, so old code referencing the bucket uses your data instead of throwing an error (?).
Or old code referencing the bucket _writes_ data to it, and the attacker can now read it.