Yes, it's generally a "full account takeover" for a given discord user.

But RCE usually means ability to run any code on the web server, and would generally get you access to _everything_ including full direct access to the database. All accounts and all data, not just a few accounts.

XSS is categorically not an RCE and my point is that mitigations exist which make "It allows you to run any action as if you were the owner of the account" an unwarranted assumption. The writeup shows that it's possible to pop an alert box. That doesn't tell you anything about what's actually possible. Obviously Discord got enough information to take it seriously, but extrapolating that to suggest every third-party using Mintlify is vulnerable to account takeover is highly dubious based on what's presented.