The web interface of the D-Link DVA-5592 20180823 is vulnerable to XSS because HTML form parameters are directly reflected.
dlink dva-5592_firmware 20180823