This presentation has given in Intercon 2007 (Portcullis’s internal conference), Talks about exploiting and identifying most common XSS vulnerabilities in real world.
Examples include following types,
- Classic XSS Vulnerabilities
- In HTML Attributes
- In Comments
- DOM Based XSS
- Flash Based XSS
- Direct Linking
Presentation was heavily based on demonstration, so you need to fill in the blanks.