You can inject arbitrary HTML into the custom CSS script, which can allow you to include a script tag to include arbitrary javascript.
While usually this would be blocked by CORS, a misconfiguration in the CORS settings means that as long as the user hosts the javascript to inject on cloudfront it will bypass the CORS protections and allow the injection.
The misconfiguration of CORS likely also opens up other avenues for CSRF / XSS vulnerabilities.
There are scripts to detect CORS errors and report them, however these are automatically blocked in the latest version of Firefox which prevents the current API from alerting Kagi on injection attempts, which appears to be a further bug.