Severity refers to the level of impact, the defect has created on the users. Say If a particular defect has occured in an application and if more than 80% of the users are affected by the defect, the defect type is “Critical”. Example : If the server is down and the application cannot be accessed by the users, in such cases the incident is “Critical”

Similarly if only 50% of the users are affected, say one of the modules in the application does not work, in such cases the severity of the incident can be treated as “Seroius”.

However priority refers to the “Urgency” with which the incident has to be fixed.
In most of the cases a critical incident can be of high priority, however the vice versa need not be true.
For example a user might request the support team member to change the font size of the text in a web page and in this case for the user, it might be of high priority, however it is not a critical or serious incident.