Advisory: Tor Browser 7.x has a serious vuln/bugdoor leading to full bypass of Tor / NoScript 'Safest' security level (supposed to block all JS).
PoC: Set the Content-Type of your html/js page to "text/html;/json" and enjoy full JS pwnage. Newly released Tor 8.x is Not affected.

— Zerodium (@Zerodium) September 10, 2018

Больше деталей на английском тут
https://www.zdnet.com/article/exploit-vendor-drops-tor-browser-zero-day-on-twitter/

на русском тут
https://www.securitylab.ru/news/495545.php

Уязвимость исправлена в версии 5.1.8.7