an user can enter a text room in janus gateway with a malicious name that contains a xss payload and could poison other users on the room
just go to https://janus.conf.meetecho.com/textroomtest.html this is provided by github repo as a demo
then enter in the name <img src>
https://drive.google.com/file/d/1r8oy-BFGV_Z1WICyQnR_c5Nq4CAfxWuE/view?usp=sharing
This vulnerability is capable of poison the whole chat and steal other users creds or redirect users to malicious apps.