Blog Posting from Neil Carpenter: "A number of people are reporting that 10K+ Web sites have been hacked via a SQL injection attack that injected a link to a malicious .js file into text fields in their database.

Since the CSS Security team here at Microsoft worked with several of these incidents, I was able to look at multiple sets of data and the work that my colleagues had already done.  The first thing I noticed was that the attacks looked, with a few exceptions, identical."

http://blogs.technet.com/neilcar/archive/2008/03/14/anatomy-of-a-sql-injection-incident.aspx

See also:
XSS Detect Beta Code Analysis Tool
Microsoft Anti-Cross Site Scripting Library V1.5 

Urs