In Mozilla Bleach before 3.11, a mutation XSS affects users calling bleach.clean with noscript and a raw tag in the allowed/whitelisted tags option.
https://www.checkmarx.com/blog/vulnerabilities-discovered-in-mozilla-bleach
https://github.com/mozilla/bleach/security/advisories/GHSA-q65m-pv3f-wr5r