Content spoofing simply allow an attacker to alter the text on the website. Attackers can use this to trick users into performing actions they wouldn't otherwise have performed.
cd app
virtualenv -p python3 venv
source venv/bin/activate
pip install -r ../requirements.txt
python run.py
Read the description at the frontpage (http://localhost:5000/)