fix(security): guard NaN timestamp before replay-protection window check

Number(timestamp) returns NaN for non-numeric strings; Math.abs(Date.now() - NaN)
is NaN which is never > FIVE_MINUTES_MS, silently bypassing replay protection.
Add isNaN guard in both Webflow and HubSpot v3 timestamp checks.

Author: waleedlatif1

apps/sim/lib/webhooks/providers/hubspot.ts

@@ -72,7 +72,8 @@ export const hubspotHandler: WebhookProviderHandler = {
         )
         return new NextResponse('Unauthorized - Missing HubSpot v3 timestamp', { status: 401 })
       }
-      if (Math.abs(Date.now() - Number(timestamp)) > FIVE_MINUTES_MS) {
+      const ts = Number(timestamp)
+      if (isNaN(ts) || Math.abs(Date.now() - ts) > FIVE_MINUTES_MS) {
         logger.warn(`[${requestId}] HubSpot webhook timestamp too old, possible replay attack`)
         return new NextResponse('Unauthorized - HubSpot timestamp expired', { status: 401 })
       }

apps/sim/lib/webhooks/providers/webflow.ts

@@ -53,7 +53,8 @@ export const webflowHandler: WebhookProviderHandler = {
       return new NextResponse('Unauthorized - Missing Webflow signature', { status: 401 })
     }
 
-    if (Math.abs(Date.now() - Number(timestamp)) > FIVE_MINUTES_MS) {
+    const ts = Number(timestamp)
+    if (isNaN(ts) || Math.abs(Date.now() - ts) > FIVE_MINUTES_MS) {
       logger.warn(`[${requestId}] Webflow webhook timestamp too old, possible replay attack`)
       return new NextResponse('Unauthorized - Webflow timestamp expired', { status: 401 })
     }