Injection malicious formulas into exported CSV files
Steal AWS credentials via Server Side Request Forgery(SSRF) attacks.
Use SVG images to gain stored XSS via uploading an SVG image.
Open S3 buckets can be used to find sensitive data. Dont forgot about google cloud storage though.