diff --git a/app/controllers/concerns/authorization.rb b/app/controllers/concerns/authorization.rb
index e833c406..7709cb07 100644
--- a/app/controllers/concerns/authorization.rb
+++ b/app/controllers/concerns/authorization.rb
@@ -53,6 +53,7 @@ def authenticate_with_auth_code
 end
 def authenticate_with_user_uuid
+ return unless controller_path.eql?('issues_rss')
 Current.user = User.find_by(uuid: params[:user_uuid])
 end
diff --git a/test/controllers/issues_rss_controller_test.rb b/test/controllers/issues_rss_controller_test.rb
index e7f9e147..3bb36e6b 100644
--- a/test/controllers/issues_rss_controller_test.rb
+++ b/test/controllers/issues_rss_controller_test.rb
@@ -8,4 +8,14 @@ class IssuesRssControllerTest < ActionDispatch::IntegrationTest
 get "/issues_rss/#{user(:one).uuid}.xml"
 assert_response :success
 end
+
+ %w[dashboards delegations districts editorial_notifications feedbacks field_services groups issues mail_blacklists
+ places responsibilities
+ users].each do |controller|
+ test "not authorized for user with uuid at #{controller} controller" do
+ assert_not user(:one)[:uuid].blank?
+ get "/issues/#{user(:one).uuid}.xml"
+ assert_response :redirect
+ end
+ end
 end
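Review bot: The new guard limits UUID login to the issues_rss controller, but `authenticate_with_user_uuid` still calls `User.find_by(uuid: params[:user_uuid])` with whatever the request carries, so a request reaching this controller with a missing or empty `user_uuid` runs `find_by(uuid: nil)` and, if any user row has a NULL/blank uuid, signs that user in as `Current.user`; the new test's own `assert_not user(:one)[:uuid].blank?` suggests blank uuids are a real possibility in this schema, though I cannot confirm the column constraints from here. I would add a second guard right after the controller check, `return if params[:user_uuid].blank?`, so only a non-empty token is ever looked up. The `controller_path.eql?('issues_rss')` string match is also a fragile place to scope a credential: the `before_action` that registers this method is outside the hunk, and moving that registration into `IssuesRssController` itself (rather than a global filter that self-disables by path) would make the scoping visible where the RSS route is defined and survive a controller rename. Worth a comment on the method as well, since the uuid is effectively a bearer credential in the URL: `# The user uuid acts as a bearer token for the RSS feed only; it must never authenticate any other controller.`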
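Review bot: The generated tests never use the `controller` block variable in the request: every iteration issues `get "/issues/#{user(:one).uuid}.xml"`, so the thirteen test names promise coverage of dashboards, users, groups, etc. while all of them exercise only the issues path, and a regression in the guard for any other controller would go unnoticed. The path should be built from the loop variable, `get "/#{controller}/#{user(:one).uuid}.xml"`. Note that if some of those controllers do not route a `/:id.xml` member path, an integration request may raise a routing error rather than redirect, so the expectation may need to be checked per controller once the URL is actually varied. The class `IssuesRssControllerTest` opens before the hunk; its closing `end` is the last context line.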