diff --git a/core/htmldataprocessor.js b/core/htmldataprocessor.js
index d1867262d56..e00c0a833c0 100644
--- a/core/htmldataprocessor.js
+++ b/core/htmldataprocessor.js
@@ -883,8 +883,9 @@
// Different protection pattern is used for those that
// live in attributes to avoid from being HTML encoded.
- return data.replace( /(['"]).*?\1/g, function( match ) {
- return match.replace( //g, function( match, data ) {
+ // Why so serious? See #9205, #8216, #7805.
+ return data.replace( /<\w([^'">]+|'[^']*'|"[^"]*")+>/g, function( match ) {
+ return match.replace( //g, function( match, data ) {
store[ store.id ] = decodeURIComponent( data );
return '{cke_protected_' + ( store.id++ ) + '}';
} );