Closed Starkteetje closed 5 months ago
Thanks for bringing this to our attention. This has been patched in the latest release Zoom-App-RefApp-Web-EP-20240625.
Hey @SafeeSaif, thanks for fixing this in this sample app. I just want to note that it is still unfixed in the remaining sample apps linked in https://github.com/zoom/zoomapps-sample-js/issues/24 and in particular also in the Zoom documentation, so for now most developers of Zoom Apps will likely continue to produce vulnerable Zoom Apps.
The decryptZoomAppContext routine is used to decrypt the X-Zoom-App-Context header. The decrypted value contains important information for the application, such as the user's ID and action, which the Zoom application will act upon. Unfortunately, the decryption process is insecure, as the Node crypto API does not enforce an expected length of the authentication tag, which allows forging values. Depending on the context, varying levels of user impersonation are possible. See https://github.com/zoom/zoomapps-sample-js/issues/24 for details.