Jitsi: Bridge Message Spoofing due to Improper JSON Handling leads to Prototype Pollution
Team Summary
Official summary from 8x8 Bounty
The Jitsi VideoBridge failed to properly handle JSON messages with duplicate `colibriClass` keys, enabling clients to send messages interpreted differently by the bridge and resulting in unauthorized actions within video conferences.

Jitsi Security Advisory has been published: https://github.com/jitsi/security-advisories/blob/master/advisories/JSA-2023-0001.md

Changes:

* (lib-jitsi-meet) `fix(misc) use safeJsonParse from js-utils`
  * https://github.com/jitsi/lib-jitsi-meet/pull/2332
* (jitsi-meet) `fix(misc) use safeJsonParse from js-utils`
  * https://github.com/jitsi/jitsi-meet/pull/13673
* (jitsi-videobridge) `ref: Cleanup BridgeChannelMessage (remove unnecessary type field).`
  * https://github.com/jitsi/jitsi-videobridge/pull/2039

We thank @afewgoats for submitting this report to us.
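As an added illustration (not code from Jitsi or from the report), the sketch below shows why duplicate keys are dangerous and one way a receiver can refuse them: JavaScript's `JSON.parse` silently keeps the last duplicate, so two components that resolve duplicates differently can disagree about a message's `colibriClass`. The helpers `strictJsonParse` and `check` are hypothetical names, the class values are constructed placeholders, and rejecting `__proto__` keys is an assumption about what a strict receiver would also want.

```javascript
// Added example: a strict parser that rejects duplicate and __proto__ keys.
// strictJsonParse is a hypothetical helper, not the js-utils safeJsonParse.
function strictJsonParse(text) {
    // Throws on malformed JSON; duplicate keys pass silently (last one wins).
    const value = JSON.parse(text);

    // The text is now known to be valid JSON, so a light token scan suffices.
    const tokens = text.match(/"(?:[^"\\]|\\.)*"|[{}\[\]:,]/g) || [];
    const stack = []; // one Set of seen keys per open object, null per open array

    tokens.forEach((tok, i) => {
        if (tok === '{') {
            stack.push(new Set());
        } else if (tok === '[') {
            stack.push(null);
        } else if (tok === '}' || tok === ']') {
            stack.pop();
        } else if (tok[0] === '"' && tokens[i + 1] === ':') {
            // In valid JSON a string followed by ':' is always an object key.
            // Decode escapes so "colibri\u0043lass" equals "colibriClass".
            const key = JSON.parse(tok);
            const seen = stack[stack.length - 1];
            if (key === '__proto__') {
                throw new SyntaxError('forbidden key: __proto__');
            }
            if (seen.has(key)) {
                throw new SyntaxError(`duplicate key: ${key}`);
            }
            seen.add(key);
        }
    });
    return value;
}

// Returns 'accepted' or the reason the message was refused.
function check(text) {
    try {
        strictJsonParse(text);
        return 'accepted';
    } catch (e) {
        return e.message;
    }
}

// Constructed sample: two colibriClass keys with placeholder values.
const DUPLICATE_SAMPLE = '{"colibriClass":"ClassA","colibriClass":"ClassB"}';
```

The same key may still appear in different nested objects; only a repeat within one object is refused.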
Report Details
Additional information and metadata
State: Closed
Substate: Resolved
Submitted
Weakness: Command Injection - Generic