That should be:
<div ng-bind-html="trustedHtml"></div>
plus in your controller:
$scope.html="<ul><li>render me please</li></ul>";
$scope.trustedHtml = $sce.trustAsHtml($scope.html);
instead of old syntax, where you could reference $scope.html variable directly:
<div ng-bind-html-unsafe="html"></div>
As several commenters pointed out, $sce has to be injected in the controller, otherwise you will get $sce undefined error.
var myApp = angular.module('myApp',[]);
myApp.controller('MyController', ['$sce', function($sce) {
// ... [your code]
}]);