- **Epistemic status:** #budding The severity is how serious a problem is. This is handled differently just about everywhere. The following is what I recommend: - **Critical:** Complete loss of functionality with no workaround, for example the software crashes, system is compromised, high risk of persona;/confidential data exposure, etc. - **Major:** [[Software Feature]] has a [[Software Bug]] and might have a workaround, for example a timestamp in a table is incorrect, potentially revealing user data, or aids in exploitation of other vulnerabilities. - **Minor:** [[Software Feature]] has a non-critical [[Software Bug]] and might have a workaround, for example clicking back clears the form data. - **Informational:** The issue has no real impact on the software or the business. --- ## References - LookFar. “Defining Priority and Severity: How to Classify and Approach Product Issues,” February 9, 2017. <https://www.lookfar.com/blog/2017/02/09/priority-and-severity-how-to-classify-and-approach-product-issues/>. - HackerOne. “Introduction.” Hacker101. Accessed June 28, 2022. <https://www.hacker101.com/sessions/introduction.html>.