Florian Port

**Name of the Vulnerable Software and Affected Versions** Jitsi Meet versions prior to 9391 **Description** A logic flaw in password-protected Jitsi meetings that make use of a lobby leads to the disclosure of the meeting password when a user is invited to a call after waiting in the lobby. This issue potentially allows unauthorized individuals to gain the meeting password, bypassing security and joining private conferences. **Recommendations** For Jitsi Meet versions prior to 9391, update to a version 9391 or later to resolve the issue. As a temporary workaround, consider restricting the use of password-protected meetings with lobbies until a patch is applied. Avoid using the lobby feature in password-protected meetings until the issue is resolved.