> This is a mistake, an easily recoverable one, and is not intentional or malicious.
While I agree with most of your comment, you're downplaying the severity here, especially since, IIUC, this situation also affected the Tor browser, disabling NoScript. If regimes like China were on the ball, and succeeded in escalating the remote code execution vulnerability into into deanonimization, this debacle may end up having a death toll attached to it.
While I agree with most of your comment, you're downplaying the severity here, especially since, IIUC, this situation also affected the Tor browser, disabling NoScript. If regimes like China were on the ball, and succeeded in escalating the remote code execution vulnerability into into deanonimization, this debacle may end up having a death toll attached to it.