I know on squarespace and Shopify and a few other website builders they allow arbitrary code in the section of a site. They also have a way to add custom arbitrary html and JS often.
That said everywhere else I’ve read that is a bad idea lol.
I guess it boils down to who is legally responsible for the code.
If you host your code yourself you can put whatever you want. If you host other people’s code on your domain but you made sure that they are responsible for it then you are fine I guess (I am not a lawyer though).
But safe, no, it is only as safe as the code is. If you will provide a CMS as a service you may quickly have to let people include js files script tags to provide whatever feature they want.