We are currently on 4.2.0d, and are wondering if this version is susceptible to the security vulnerabilities fixed in 4.2.1c (http://www.sugarcrm.com/forums/showthread.php?t=16348). We're waiting for the dust to settle on 4.5 before upgrading, but don't want to be exposed in the meantime... Thx