20:34
2026-07-15
dev.to
artificial-intelligence
SQL Injection in AI-Generated Code: Why Cursor Keeps Writing It
A developer found that Cursor, an AI code editor, generated a login endpoint with a SQL injection vulnerability (CWE-89) by interpolating user input directly into a SQL query string. The developer warβ¦