diff --git a/src/wp-admin/load-scripts.php b/src/wp-admin/load-scripts.php
index 5675b86570..d761cf4f72 100644
--- a/src/wp-admin/load-scripts.php
+++ b/src/wp-admin/load-scripts.php
@@ -45,7 +45,25 @@ wp_default_scripts( $wp_scripts );
 wp_default_packages_vendor( $wp_scripts );
 wp_default_packages_scripts( $wp_scripts );
 
-if ( isset( $_SERVER['HTTP_IF_NONE_MATCH'] ) && stripslashes( $_SERVER['HTTP_IF_NONE_MATCH'] ) === $wp_version ) {
+$etag = "WP:{$wp_version};";
+
+foreach ( $load as $handle ) {
+	if ( ! array_key_exists( $handle, $wp_scripts->registered ) ) {
+		continue;
+	}
+
+	$etag .= "{$handle}:{$wp_scripts->registered[ $handle ]->ver};";
+}
+
+/*
+ * This is not intended to be cryptographically secure, just a fast way to get
+ * a fixed length string based on the script versions. As this file does not
+ * load the WordPress full WordPress environment, it is not possible to use
+ * the salted wp_hash() function.
+ */
+$etag = md5( $etag );
+
+if ( isset( $_SERVER['HTTP_IF_NONE_MATCH'] ) && stripslashes( $_SERVER['HTTP_IF_NONE_MATCH'] ) === $etag ) {
 	header( "$protocol 304 Not Modified" );
 	exit;
 }
@@ -59,7 +77,7 @@ foreach ( $load as $handle ) {
 	$out .= get_file( $path ) . "\n";
 }
 
-header( "Etag: $wp_version" );
+header( "Etag: $etag" );
 header( 'Content-Type: application/javascript; charset=UTF-8' );
 header( 'Expires: ' . gmdate( 'D, d M Y H:i:s', time() + $expires_offset ) . ' GMT' );
 header( "Cache-Control: public, max-age=$expires_offset" );