A spoofing vulnerability exists when the NuGetGallery does not properly sanitize input on package metadata values, aka ‘NuGetGallery Spoofing Vulnerability’.