An invisible form and iframe has been injected into this page by an external script (from marektoth.com). This is the same scenario as an attacker exploiting the Stored XSS vulnerability (also works for Reflected XSS and others).
A user who clicks on this page will automatically click on the KeepassXC-Browser icon in the iframe. Clicking will automatically fills the credentials you saved on this site. For more information see my research.