We demonstrated broken authentication vulnerability by changing cookie values. This was part of TryHackMe Overpass.
Broken authentication is listed as one of the top 10 web application vulnerabilities according to OWASP. If you are looking for a list of web application vulnerabilities notes, you can subscribe to my channel membership.
What happens when a group of broke Computer Science students try to make a password manager? Obviously a perfect commercial success!
Escalate your privileges and get the flag in root.txt