Open mdklapwijk opened 3 years ago
Please prefix your issue title with one of the following: [BUG], [ISSUE], [FEATURE REQUEST], [MODULE REQUEST], [OTHER].
Replace everything between stars with current version of your facileManager and module installations:
fM Version : 4.1.1
In raising this issue, I confirm the following (please check boxes, eg [X]):
During a pentest of our systems the pentester reported the select2 framework to be outdated and vulnerable to Cross Site Scripting attacks (XSS):
Select2 framework version 3.5.2 has been detected. This version is vulnerable to a Cross Site Scripting attack
Input for x.x.x.x:443: https://x.x.x.x/fm-includes/extra/select2/select2.min.js
Output for x.x.x.x:443: Copyright 2014 Igor Vaynberg Version: 3.5.2 Timestamp: Sat Nov 1 14:43:36 EDT 2014
Their advice was to upgrade to version 4.0.8 or later.
This isn't simple as v4.x breaks a lot of things within fM.