CS Money: Able to blocking users with 2fa from login into their accounts by just knowing the SteamID

A vulnerability was discovered where an attacker could block users with two-factor authentication from logging into their accounts on a website by modifying the steamid cookie in the two-factor authentication code confirmation request. By changing the steamid cookie to the victim's and sending...