diff --git a/module/Activity/src/Controller/ActivityController.php b/module/Activity/src/Controller/ActivityController.php
index 1eabb3ba50..89465972ef 100644
--- a/module/Activity/src/Controller/ActivityController.php
+++ b/module/Activity/src/Controller/ActivityController.php
@@ -72,6 +72,12 @@ public function viewAction(): mixed
             return $this->notFoundAction();
         }
 
+        if (ActivityModel::STATUS_APPROVED !== $activity->getStatus()) {
+            if (!$this->aclService->isAllowed('update', $activity)) {
+                return $this->notFoundAction();
+            }
+        }
+
         // If the Activity has a sign-up list always display it by redirecting the request.
         if (0 !== $activity->getSignupLists()->count()) {
             return $this->forward()->dispatch(