I've just found another commercial web apps scanner: "Acunetix Web Vulnerability Scanner". You can reach it here: http://www.acunetix.com

I usually do not quote or report some tools, but I tried the trial version which seems to be nice, but not more than WebInspect or AppScan. But while watching the tiny tools in the distribution, I saw an interesting file: RSnake_XSS cheat sheet.xml
This tool has a Fuzzer which performs some attacks from the XSS cheat sheet from http://ha.ckers.org and this is very interesting (this cheat sheet is something like the most relevant XSS attack dictionary).