The card below is the “product under test”. Use guided mode to see the bug list upfront, or blind mode to find them yourself first.
Techniques: Risk management
Open defects — Sprint 15 triage
Prioritise the list below. The sprint ends Friday. You have capacity to fix 3 bugs.
| ID | Description | Severity | Priority |
|---|---|---|---|
| BUG-101 | Logo misaligned by 2px on desktop | Low | P1 |
| BUG-102 | Payment fails for Visa cards on checkout | Critical | P3 |
| BUG-103 | Password reset email not sent | High | P3 |
| BUG-104 | Tooltip wraps awkwardly on Safari mobile | Medium | P2 |
| BUG-105 | User PII visible in error logs | High | P3 |
| BUG-106 | Dashboard chart legend label truncated | Low | P4 |
Your findings
0 / 0 bugs foundTick each bug as you confirm it on the page above. Progress saves automatically.
Write down every bug you find. Be specific — where it is, what’s wrong, what it should be.
Planted bugs (5)
- A 2px visual misalignment with Low severity is rated P1 (highest urgency). This is almost certainly wrong — it should be P3 or P4.
- Payment failure for Visa cards is Critical severity but rated P3. This directly blocks revenue and should be P1.
- Password reset not working blocks user access recovery — High severity but P3 priority. Should be P1 or P2.
- User PII visible in logs is a privacy breach. High severity but P3 priority. Should be P1 — regulatory and reputational risk.
- Based on correct prioritisation, the 3 highest-risk bugs are the payment failure, password reset, and PII leak — not the cosmetic issues currently rated P1/P2.
Priority ≠ Severity. Severity = how bad the bug is. Priority = how urgently it needs fixing given business context. A cosmetic bug on the CEO's homepage might be P1 for political reasons — document the reasoning.