This paper covers most aspects of XSS attacks including:
- injection points
- attack scenarios
- attacker motivations and techniques
- code obfuscation examples
- starts laying a foundation on proper filtering framework.
Download the paper in TXT format here.