#.NET, .NET Framework, Visual Studio

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Personally Identifiable Information (PII).

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** Exploitation of this vulnerability requires that an attacker convinces a user to open a maliciously crafted package file in Visual Studio.