An invisible form has been injected into this page by an external script (from marektoth.com). This is the same scenario as an attacker exploiting the Stored XSS vulnerability (also works for Reflected XSS and others).
Password manager automatically fill the injected form with the credentials you saved on this site. The script retrieves the saved credentials from the form and shows them in the table below. For more information see my research.
Username: ???
Password: ???