OSWE Training: Breaking the Web, One Vulnerability at a Time