The injection vulnerabilities of Web applications such as SQL injections and Cross Site Scripting (XSS) are mainly caused by external inputs which are not verified, while taint analysis can effectively locate these vulnerabilities. A dynamic analysis approach was presented by tracking all potentially tainted Java objects, which is different from existing approaches that only track characters or string objects. The approach used the hash code to represent the tainted object, defined the method node and method coordinates to record the location of the taint propagation, supported tracing the taint propagation path. The approach put forward a specific taint propagation analysis for stream-family objects according to the decorative pattern of Java stream objects. A language specification was also given to model Java libraries and user-defined methods related to taint propagation. The approach designed and formalized the taint propagation semantics of the methods according to the classification by taint introduction, taint propagation, taint sanitization and taint usage. The prototype system which implemented on SOOT used static analysis to collect reachable methods and instruments Java byte-code of the real Web sites, and the experimental results demonstrated the effect on detecting injection vulnerabilities.