Improve DAST multi-user authorization replay gates #1489

Open

MAUROCERON wants to merge 1 commit into UnitOneAI:main from MAUROCERON:improve/dast-multi-user-authz-replay-1488

Conversation

@MAUROCERON


Implements #1488.

Summary

  • Adds a DAST multi-user authorization and session-isolation evidence gate that separates authenticated crawling from broken-access-control coverage.
  • Requires role/user matrices, isolated sessions, peer-object replay, lower-privilege replay, cross-tenant replay where applicable, expected-deny assertions, and residual-risk output.
  • Adds edge-case fixtures for single-user false coverage, shared-session contamination, missing cross-tenant replay, and a benign complete replay evidence set.

Validation

  • Markdown fence balance check passed for changed files.
  • Required marker check passed for Multi-User Authorization and Session Isolation, Multi-user authorization replay, Authorization Replay Evidence, session isolation, and cross-tenant.
  • Trailing whitespace check passed for changed files.
  • New fixture prompt-injection phrase scan returned no matches.
  • Privacy scan for local goal folder returned no matches.
  • Reference reachability checks returned HTTP 200 for OWASP ZAP Automation Framework, OWASP WSTG, WSTG authorization schema, WSTG privilege escalation, WSTG IDOR, and OWASP API Security 2023 API1.
  • Remote commit contains only the intended two files.

Payment details can be provided privately after maintainer acceptance.
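The replay gate the PR description lists (role/user matrix, isolated sessions, peer-object, lower-privilege and cross-tenant replay, expected-deny assertions, residual-risk output) can be illustrated with a small harness. The code below is an added example, not code from this PR or from the UnitOneAI project: it uses a constructed in-memory application (`handle`), a constructed user matrix (`USERS`) and constructed captured requests (`CAPTURED`), and the `replay_gate` function and its report fields are hypothetical names chosen here. It also reproduces three of the edge cases the PR names as fixtures: single-user false coverage, shared-session contamination, and a matrix with no second tenant (reported as residual risk rather than as coverage).

```python
"""Constructed authorization-replay evidence gate (added example, not the PR's code)."""
from dataclasses import dataclass, field

# Constructed toy application state: objects are owned by a user inside a tenant.
OBJECTS = {
    "doc-1": {"owner": "alice", "tenant": "t1"},
    "doc-2": {"owner": "bob", "tenant": "t1"},
    "doc-3": {"owner": "carol", "tenant": "t2"},
    "doc-4": {"owner": "dave", "tenant": "t1"},
}
# Constructed role/user matrix: every user has its own isolated session token.
USERS = {
    "alice": {"tenant": "t1", "role": "admin", "session": "sess-alice"},
    "bob":   {"tenant": "t1", "role": "user",  "session": "sess-bob"},
    "carol": {"tenant": "t2", "role": "user",  "session": "sess-carol"},
    "dave":  {"tenant": "t1", "role": "user",  "session": "sess-dave"},
}
SESSIONS = {u["session"]: name for name, u in USERS.items()}
ROLE_RANK = {"user": 1, "admin": 2}
# Constructed crawl output: requests captured while logged in as each user.
CAPTURED = [("GET", f"/objects/{oid}", o["owner"]) for oid, o in OBJECTS.items()]

def handle(method, path, session, vulnerable=False):
    """Toy server for GET /objects/<id>; returns an HTTP-style status code.
    vulnerable=True skips the ownership/tenant check (an IDOR) so the gate has
    something to catch."""
    user = SESSIONS.get(session)
    if user is None:
        return 401
    obj = OBJECTS.get(path.rsplit("/", 1)[-1])
    if obj is None:
        return 404
    if vulnerable:
        return 200
    prof = USERS[user]
    if obj["tenant"] != prof["tenant"]:
        return 404  # do not reveal cross-tenant existence
    if obj["owner"] == user or prof["role"] == "admin":
        return 200
    return 403

def secure_server(method, path, session):
    return handle(method, path, session)

def vulnerable_server(method, path, session):
    return handle(method, path, session, vulnerable=True)

def classify(owner_prof, replayer_prof):
    """Which replay class a (owner, replayer) pair belongs to; None means the
    replayer is higher-privileged in the same tenant and may legitimately succeed."""
    if replayer_prof["tenant"] != owner_prof["tenant"]:
        return "cross-tenant"
    diff = ROLE_RANK[replayer_prof["role"]] - ROLE_RANK[owner_prof["role"]]
    if diff < 0:
        return "lower-privilege"
    if diff == 0:
        return "peer-object"
    return None

@dataclass
class ReplayReport:
    findings: list = field(default_factory=list)       # expected-deny assertions that failed
    residual_risk: list = field(default_factory=list)  # coverage the gate could not provide
    evidence: list = field(default_factory=list)       # (kind, owner, replayer, path, status)

def replay_gate(matrix, captured, server):
    """Replay each captured request under every other user's isolated session and
    assert it is denied (401/403/404) wherever the replayer should not have access."""
    report = ReplayReport()
    if len(matrix) < 2:
        report.findings.append("single-user false coverage: matrix needs at least two users")
        return report
    sessions = [u["session"] for u in matrix.values()]
    if len(set(sessions)) != len(sessions):
        report.findings.append("shared-session contamination: sessions are not isolated")
        return report
    for method, path, owner in captured:
        if owner not in matrix:
            continue
        for replayer, prof in matrix.items():
            kind = None if replayer == owner else classify(matrix[owner], prof)
            if kind is None:
                continue
            status = server(method, path, prof["session"])
            report.evidence.append((kind, owner, replayer, path, status))
            if status not in (401, 403, 404):
                report.findings.append(f"{kind} replay of {path} as {replayer} returned {status}")
    if len({u["tenant"] for u in matrix.values()}) < 2:
        report.residual_risk.append("cross-tenant replay not performed: matrix has a single tenant")
    return report

if __name__ == "__main__":
    for name, srv in (("secure", secure_server), ("vulnerable", vulnerable_server)):
        r = replay_gate(USERS, CAPTURED, srv)
        print(name, "findings:", len(r.findings), "evidence:", len(r.evidence), "residual:", r.residual_risk)
```

Run as a script it prints zero findings against the secure server and ten against the vulnerable one, with the same ten evidence rows in each case; the evidence rows, not the absence of findings, are what a gate of this kind would carry forward as authorization replay coverage.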
