Open S3 Bucket Accessible by any Aws User
Low
Greenhouse.io
Reported by
kartarkat
Vulnerability Details
Hi team,
Vulnerable URL: http://grnhse-marketing-site-assets.s3.amazonaws.com/
There is no authentication required to access the AWS bucket of the website.
As your site is associated with AWS, any AWS user can view the content, navigate through directories and download files; public access is allowed.
Proof of concept: please refer to the attached screenshots.
[Note: I haven't modified any existing resources or harmed any content.]
## Impact
1. Sensitive information Leakage.
2. Information disclosure about all the data in the cloud.
I haven't tried this yet, as it may delete the bucket (it is possible).
An attacker can delete the bucket using this command:
$ aws s3 rb s3://<The_bucket_name>
and then claim the bucket again to take it over.
Solution:
Secure the login access.
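The check a triager would want to reproduce here, as an added example that is not part of kartarkat's report or of any Greenhouse code: an unsigned HTTP GET on the bucket's virtual-hosted endpoint returns a ListBucketResult XML document when anonymous listing is allowed and an Error document (AccessDenied, or NoSuchBucket if the name is unclaimed) when it is not. The script below parses both shapes and flags keys whose names suggest sensitive content. It assumes the standard `<bucket>.s3.amazonaws.com` endpoint; the two sample responses and the key names in them are constructed for the example. Note what the probe does and does not show: an unsigned request tests anonymous access only (a grant to the AuthenticatedUsers group would need a signed request from any AWS account to detect), and a successful listing says nothing about write or delete permission, which are separate S3 actions.

```python
"""Probe an S3 bucket for anonymous (unsigned) listing and parse the result.

Added example, not code from the original report. Standard library only, so
classify_listing_response() can be exercised offline on the constructed samples.
"""
import sys
import urllib.error
import urllib.request
import xml.etree.ElementTree as ET

# Namespace used by ListBucketResult; S3 <Error> documents carry no namespace.
S3_NS = "{http://s3.amazonaws.com/doc/2006-03-01/}"

# Heuristic only: key fragments that should prompt a closer look during triage.
SENSITIVE_HINTS = (".sql", ".bak", ".env", ".pem", ".key", "backup", "dump", "config")


def classify_listing_response(status: int, body: bytes) -> dict:
    """Classify the response to an unsigned GET on http(s)://<bucket>.s3.amazonaws.com/.

    Returns a dict with 'verdict' (PUBLIC_LISTING, LISTING_DENIED, NO_SUCH_BUCKET,
    UNEXPECTED_200 or OTHER_ERROR), the listed 'keys', the sensitive-looking
    'sensitive_keys', and the S3 error 'code' when one was returned.
    """
    result = {"verdict": "OTHER_ERROR", "keys": [], "sensitive_keys": [], "code": None}
    try:
        root = ET.fromstring(body)
    except ET.ParseError:
        return result  # not an S3 XML document; leave as OTHER_ERROR

    if status == 200:
        if root.tag != S3_NS + "ListBucketResult":
            result["verdict"] = "UNEXPECTED_200"
            return result
        # Each <Contents> element describes one object; <Key> is its name.
        keys = [c.findtext(S3_NS + "Key") or "" for c in root.iter(S3_NS + "Contents")]
        result["verdict"] = "PUBLIC_LISTING"
        result["keys"] = keys
        result["sensitive_keys"] = [
            k for k in keys if any(h in k.lower() for h in SENSITIVE_HINTS)
        ]
        return result

    # Error documents: <Error><Code>AccessDenied</Code>...</Error> (no namespace)
    code = root.findtext("Code")
    result["code"] = code
    result["verdict"] = {
        "AccessDenied": "LISTING_DENIED",
        "NoSuchBucket": "NO_SUCH_BUCKET",
    }.get(code, "OTHER_ERROR")
    return result


def probe_bucket(bucket: str, timeout: float = 10.0) -> dict:
    """Send one unsigned listing request (no credentials at all) and classify it."""
    url = f"https://{bucket}.s3.amazonaws.com/?max-keys=1000"
    req = urllib.request.Request(url, method="GET")
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return classify_listing_response(resp.status, resp.read())
    except urllib.error.HTTPError as err:
        # 403/404 arrive as exceptions; the body is still an S3 Error document.
        return classify_listing_response(err.code, err.read())


# Constructed sample responses (not captured from any real bucket).
SAMPLE_PUBLIC = b"""<?xml version="1.0" encoding="UTF-8"?>
<ListBucketResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
  <Name>example-assets</Name><Prefix></Prefix><Marker></Marker>
  <MaxKeys>1000</MaxKeys><IsTruncated>false</IsTruncated>
  <Contents><Key>images/logo.png</Key><Size>1234</Size></Contents>
  <Contents><Key>backup/site.sql.gz</Key><Size>98765</Size></Contents>
</ListBucketResult>"""

SAMPLE_DENIED = b"""<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Access Denied</Message></Error>"""

SAMPLE_NOSUCH = b"""<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>NoSuchBucket</Code><Message>The specified bucket does not exist</Message></Error>"""


if __name__ == "__main__":
    if len(sys.argv) > 1:
        print(probe_bucket(sys.argv[1]))  # e.g. python probe.py some-bucket-name
    else:
        for status, body in ((200, SAMPLE_PUBLIC), (403, SAMPLE_DENIED), (404, SAMPLE_NOSUCH)):
            print(status, classify_listing_response(status, body))
```

A NO_SUCH_BUCKET verdict is the one that matters for the takeover scenario in the report: it means the name is currently unclaimed and can be registered by any account, so a site still referencing that hostname would serve attacker content. The AccessDenied case is what a correctly configured bucket (S3 Block Public Access enabled, no public bucket policy or ACL) returns.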
Report Details
State
Closed
Substate
Resolved
Bounty
$100.00
Weakness
Improper Access Control - Generic