31 matches found
CVE-2026-55743
The shell tool command allowlist in the SecurityPolicy of OpenHuman desktop agent through 0.54.0 default Supervised security policy can be bypassed to execute arbitrary OS commands with the privileges of the desktop user. Two flaws in src/openhuman/security/policy.rs combine: 1 isargssafe blocks...
EUVD-2026-37722
The shell tool command allowlist in the SecurityPolicy of OpenHuman desktop agent through 0.54.0 default Supervised security policy can be bypassed to execute arbitrary OS commands with the privileges of the desktop user. Two flaws in src/openhuman/security/policy.rs combine: 1 isargssafe blocks...
CVE-2026-55743 OpenHuman desktop agent shell tool sandbox bypass leads to arbitrary command execution
The shell tool command allowlist in the SecurityPolicy of OpenHuman desktop agent through 0.54.0 default Supervised security policy can be bypassed to execute arbitrary OS commands with the privileges of the desktop user. Two flaws in src/openhuman/security/policy.rs combine: 1 isargssafe blocks...
CVE-2026-55743
OpenHuman desktop agent (before 0.54.0, fixed in 0.56.0) contains two policy flaws in src/openhuman/security/policy.rs that bypass the shell allowlist, enabling remote code execution via indirect prompt injection. First, is_args_safe() blocks -exec and -ok while not blocking -execdir/-okdir (whic...
CVE-2026-20170
A vulnerability in the Desktop Agent functionality of Cisco Webex Contact Center could have allowed an unauthenticated, remote attacker to conduct cross-site scripting attacks. Cisco has addressed this vulnerability in the Cisco Webex Contact Center service, and no customer action is needed. This...
Cisco Webex Contact Center Desktop Agent Cross-Site Scripting Vulnerability
Cisco Webex Contact Center is a cloud contact center solution for customer service and call center management. A cross-site scripting vulnerability exists in Cisco Webex Contact Center. The vulnerability stems from a failure of the Desktop Agent feature to properly handle HTML and scripted conten...
EUVD-2026-22967
A vulnerability in the Desktop Agent functionality of Cisco Webex Contact Center could have allowed an unauthenticated, remote attacker to conduct cross-site scripting attacks. Cisco has addressed this vulnerability in the Cisco Webex Contact Center service, and no customer action is needed. This...
CVE-2026-20170
A vulnerability in the Desktop Agent functionality of Cisco Webex Contact Center could have allowed an unauthenticated, remote attacker to conduct cross-site scripting attacks. Cisco has addressed this vulnerability in the Cisco Webex Contact Center service, and no customer action is needed. This...
CVE-2026-20170
A vulnerability in the Desktop Agent functionality of Cisco Webex Contact Center could have allowed an unauthenticated, remote attacker to conduct cross-site scripting attacks. Cisco has addressed this vulnerability in the Cisco Webex Contact Center service, and no customer action is needed. This...
CVE-2026-20170
A vulnerability in the Desktop Agent functionality of Cisco Webex Contact Center could have allowed an unauthenticated, remote attacker to conduct cross-site scripting attacks. Cisco has addressed this vulnerability in the Cisco Webex Contact Center service, and no customer action is needed. This...
CVE-2026-20170
The CVE-2026-20170 entry affects Cisco Webex Contact Center’s Desktop Agent functionality. The vulnerability arises from improper handling of HTML and script content, enabling an unauthenticated, remote attacker to perform cross-site scripting via a user-traversed link. Successful exploitation co...
CVE-2026-20170
A vulnerability in the Desktop Agent functionality of Cisco Webex Contact Center could have allowed an unauthenticated, remote attacker to conduct cross-site scripting attacks. Cisco has addressed this vulnerability in the Cisco Webex Contact Center service, and no customer action is needed. This...
Cisco Webex Contact Center Cross-Site Scripting Vulnerability
A vulnerability in the Desktop Agent functionality of Cisco Webex Contact Center could have allowed an unauthenticated, remote attacker to conduct cross-site scripting attacks. Cisco has addressed this vulnerability in the Cisco Webex Contact Center service, and no customer action is needed. This...
Cisco Webex Contact Center 安全漏洞
Cisco Webex Contact Center is a cloud contact center solution for customer service and call center management. A cross-site scripting vulnerability exists in Cisco Webex Contact Center. The vulnerability stems from a failure of the Desktop Agent feature to properly handle HTML and scripted conten...
PT-2026-33091
A vulnerability in the Desktop Agent functionality of Cisco Webex Contact Center could have allowed an unauthenticated, remote attacker to conduct cross-site scripting attacks. Cisco has addressed this vulnerability in the Cisco Webex Contact Center service, and no customer action is needed. This...
CVAD LVDA - How to update list of Controllers on a Linux VDA
Instructions to update the list of Controllers on a Linux VDA...
Virtual Desktop Agent Registration with Controllers in XenDesktop
Virtual Desktop Agent Registration with Controllers in XenDesktop. Event ID: 1022 Event ID: 1001 For successful installation, re-install Virtual Desktop 5.5. After the installation is successful, the following message is displayed: “Unable to initialize new components. The machine will register a...
Citrix Provisioning Services Target Device Displays Incorrect Windows Time
Target Devices may display the incorrect time. The Device time differs from that of the domain controllers. The symptoms can vary but include: 1. The inability to login to the Target Device 2. The Device domain Trust Relationship breaks. 3. VDA registration continues to fail...
Mouse cursor randomly doesn't display on dual-monitor environments
Scenario 1: The mouse cursor is not displayed on the first launch VDA session. clicking can make the cursor display. Scenario 2: VDA session is in full-screen mode on the secondary monitor of the dual monitor. Move the cursor from the primary monitor to the secondary monitor, and then the cursor...
CapsLock and Eisu keys on Japanese 106 keyboard are not working on VDA
When end users connect a Japanese 106 keyboard to the machine where CWA Linux installed and select Scancode mode in Citrix Linux, the extra keys in a Japanese 106 keyboard might not work on VDA. The Caps Lock or Eisu 英数 key is a special key that has different functions in different keyboard layou...