Advisories for Pypi/Django-Select2 package

Instances of HeavySelect2Mixin subclasses like the ModelSelect2MultipleWidget and ModelSelect2Widget can secret access tokens across requests. This can allow users to access restricted querysets and restricted data.