"The Anatomy of Cross Site Scripting" Paper released
libox.net has released a cross site scripting paper which provides examples of bad PHP code and also talks a little about automating an attack. Additional papers on XSS can be found in our Cross Site Scripting section.
"Cross site scripting (XSS) flaws are a relatively common issue in web application security, but they are still extremely lethal. They are unique in that, rather than attacking a server directly, they use a vulnerable server as a vector to attack a client. This can lead to extreme difficulty in tracing attackers, especially when requests are not fully logged (such as POST requests). Many documents discuss the actual insertion of HTML into a vulnerable script, but stop short of explaining the full ramifications of what can be done with a successful XSS attack. While this is adequate for prevention, the exact impact of cross site scripting attacks has not been fully appreciated. This paper will explore those possibilities." - Gavin Zuchlinski libox.net
The Anatomy of Cross Site Scripting (PDF) (Local Mirror)