On D-Link DIR-615 devices, the User Account Configuration page is vulnerable to blind XSS via the name field.
dlink dir-615_firmware 20.07