Cross_site Scripting DOM-based XSS vulnerability

I am doing the Cross-Site Scripting (XSS) DOM-based XSS lab and I am trying to get the last step of the lab which is identifying the DOM-based  XSS vulnerability.  I am pretty sure it would not be something like <script> alert("xss") </script> since I do not think Javascript would handle it.  I am leaning towards the event handlers like onerror but haven't gotten it figured out quite yet.  Any clues or suggestions would be appreciated.