Monday, 2 February 2015

How does XSS work with web applications that take payload not through URL



Most of the examples of XSS I have seen are of websites that get their parameters tampered with through the URL. For example: http://somesitedoesnotexist/param1=123&param2=name&param3=alert('pwnd'); But if the application receives its payload not in the URL but through the POST body or through AJAX, how can an attacker lure a victim into performing XSS by simply providing a URL to click?




