XSS (Cross site scripting) has been all over the news about security and I am sure you've heard about it even a bit. So, you must be curious on how it works....and more important is how to detect and fix such problem.
I came across this nice tutorial few days ago. I found it as simple, straight to the point and easy to follow....even for someone new in security field but at least has grab some root of web development. The author is Steve Kemp and it seems he has some talents regarding security (he released some advisories).
Enjoy ............ :)