
You are right, my choice of words was poor. The vuln is exactly as you describe, and it's the malicious payload that was not in the codebase (cache poisoning which is not detectable by reviewing the code of the repo).

