At this point you’ve certainly seen endless numbers of articles and posts about the critical security flaws in Citrix’s Appliance Delivery Controller and Gateway products. The flaw - CVE-2019-19781 - is a vulnerability that allows an attacker to run a command on your system or read files on your server. There have already been a few proof of concept exploits released by researchers.
What’s more important - security or user experience? It’s a trick question, of course - especially when talking about virtual application delivery. If a virtual application delivery product isn’t secure, that’s an obvious non-starter. And if the user experience isn’t great, then your people won’t use it. Or worse, they’ll find some shadow IT workaround.