Bad Santa's Hacking Adventure: Escape Room Edition!
CWE-290: Authentication Bypass by Spoofing
More
CWE-302: Authentication Bypass by Assumed-Immutable Data
More
CAPEC-31: Accessing/Intercepting/Modifying HTTP Cookies
More