Users could reorder columns they didn't have access to. Fixed by limiting ColumnScoped to User::Accessor#accessible_columns. References https://hackerone.com/reports/3449905