There is a reflected XSS vulnerability in AXON PBX 2.02 via the βAXON->Auto-Dialer->Agents->Nameβ field. The vulnerability exists due to insufficient filtration of user-supplied data. A remote attacker can execute arbitrary HTML and script code in a browser in the context of the vulnerable application.