The vulnerability arises from the lack of authentication on endpoints that handle file uploads and downloads to an AWS S3 bucket. This allows any user to upload and download JSON files without proper authorization. The uploaded files can contain malicious content, leading to various security issues such as denial of service, stored XSS, and information disclosure. Attackers can exploit this to fill the S3 bucket, overwrite existing files, decompress large files to slow down the server, access other users' data, and inject malicious scripts.

An attacker can exploit this vulnerability by sending a POST request to the upload endpoint with a malicious JSON payload. For example, they can upload a JSON file containing a large amount of data to cause a denial of service or inject a stored XSS payload. The attacker can then access the uploaded file via the download endpoint or overwrite existing files, leading to various security issues.

All users of the software running the latest version (commit hash: c945bb859979659add5f490a874140ad17c56a5d) are affected. This includes any deployment where the server is configured to run in a production environment with AWS S3 integration.