Strong
Drover is the UK's leading car subscription company and has been acquired by Cazoo in January 2021.
Strong
Meesho is Indiaโs fastest growing internet commerce company. We want to make eCommerce accessible to all. Our vision is to enable 100 million small businesses in India, including individual entrepreneurs, to succeed online. Our mission is to democratise internet commerce by bringing a range of products & new customers online. What started as a reseller-focused platform six years ago has now emerged as a single ecosystem connecting millions of sellers, consumers and entrepreneurs. Want to know more. Check us out on Twitter: https://twitter.com/Meesho_Official
Security & Compliance Standards Overview
No incidents recorded for Drover in 2025.
No incidents recorded for Meesho in 2025.
Drover cyber incidents detection timeline including parent company and subsidiaries
Meesho cyber incidents detection timeline including parent company and subsidiaries
Last 3 Security & Risk Events by Company
An issue was discovered in chinabugotech hutool before 5.8.4 allowing attackers to execute arbitrary expressions that lead to arbitrary method invocation and potentially remote code execution (RCE) via the QLExpressEngine class.
A weakness has been identified in JeecgBoot up to 3.8.2. The impacted element is an unknown function of the file /sys/role/exportXls. This manipulation causes improper authorization. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
A security flaw has been discovered in JeecgBoot up to 3.8.2. The affected element is an unknown function of the file /sys/user/exportXls of the component Filter Handler. The manipulation results in improper authorization. The attack may be performed from remote. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was identified in JeecgBoot up to 3.8.2. Impacted is an unknown function of the file /sys/tenant/deleteBatch. The manipulation of the argument ids leads to improper authorization. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The exploitability is considered difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was determined in JeecgBoot up to 3.8.2. This issue affects some unknown processing of the file /api/getDepartUserList. Executing manipulation of the argument departId can lead to improper authorization. The attack can be executed remotely. This attack is characterized by high complexity. The exploitability is assessed as difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
